Sounds user-assigned managed identity could do. Create one and try to follow instructions:
Log in with a user-assigned managed identity. You must specify the client ID, object ID or resource ID of the user-assigned managed identity with --username.

az login --identity --username 00000000-0000-0000-0000-000000000000