What causes AADSTS90120?

The user already completed the device code prompt (approved or declined) and the client keeps polling the /token endpoint with the same device_code. The device_code was reused across multiple polling attempts or a retry after a successful token exchange. The polling client did not stop after receiving a successful authorization_pending → success transition and continued calling /token. Stale device_code cached in a CLI tool, SDK, or script (e.g. azcopy, az login --use-device-code, Power BI REST scripts) from a previous run. A second process or tab tried to authorize using the same device_code that another process already consumed

How do I fix AADSTS90120?

Stop polling on the current device_code — it is permanently consumed. Initiate a new device code request against https://login.microsoftonline.com/{tenant}/oauth2/v2.0/devicecode to get a fresh device_code and user_code. In your client code, exit the polling loop as soon as /token returns a successful response (or an error other than authorization_pending / slow_down) — do not re-poll after success. Clear any cached device_code in your tool: for Azure CLI run 'az logout' then 'az login --use-device-code'; for custom scripts, ensure the device_code variable is not persisted between runs. If you are integrating Power BI / Fabric REST APIs from a headless service, switch from device code flow to a service principal with client credentials or a managed identity — device code flow is intended for interactive sign-in on input-constrained devices, not for automation. Verify only one process at a time consumes a given device_code; if multiple workers share auth code, serialize the auth step or give each worker its own flow

Low severityauthentication

Power BI Error:
AADSTS90120

What does this error mean?

The device code authorization request was already completed (approved or denied) and cannot be reused.

Common causes

1The user already completed the device code prompt (approved or declined) and the client keeps polling the /token endpoint with the same device_code
2The device_code was reused across multiple polling attempts or a retry after a successful token exchange
3The polling client did not stop after receiving a successful authorization_pending → success transition and continued calling /token
4Stale device_code cached in a CLI tool, SDK, or script (e.g. azcopy, az login --use-device-code, Power BI REST scripts) from a previous run
5A second process or tab tried to authorize using the same device_code that another process already consumed

How to fix it

1Stop polling on the current device_code — it is permanently consumed. Initiate a new device code request against https://login.microsoftonline.com/{tenant}/oauth2/v2.0/devicecode to get a fresh device_code and user_code
2In your client code, exit the polling loop as soon as /token returns a successful response (or an error other than authorization_pending / slow_down) — do not re-poll after success
3Clear any cached device_code in your tool: for Azure CLI run 'az logout' then 'az login --use-device-code'; for custom scripts, ensure the device_code variable is not persisted between runs
4If you are integrating Power BI / Fabric REST APIs from a headless service, switch from device code flow to a service principal with client credentials or a managed identity — device code flow is intended for interactive sign-in on input-constrained devices, not for automation
5Verify only one process at a time consumes a given device_code; if multiple workers share auth code, serialize the auth step or give each worker its own flow

Frequently asked questions

What does AADSTS90120 mean?

The request was already authorized or declined.

How do I fix this error?

Check your application registration, token configuration, and user permissions in the Azure portal. Review Conditional Access policies if the error is policy-related.

Source · learn.microsoft.com/en-us/entra/identity-platform/reference-error-codes#aadsts-error-codes