When creating a new b2c tenant using automation from azuredevOps , SPN doesn;t work..
Only option is to use endpoint authenticated user.
'Failed'.","details":[{"code":"DeploymentFailed","target":"/subscriptions/xxxx-xxxx-xxxx-xxxx-xxxxxxxx/resourceGroups/$RG/providers/Microsoft.Resources/deployments/$BWCNAME","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"BadRequest","message":"You do not have permission to view this directory or page."}]}]}]}}
using userid and password script with bicep it works fine.
This is by design. When creating a new Azure AD B2C tenant, a user is required to be assigned the Global Admin role.