diff --git a/cli/azd/cmd/auth_login.go b/cli/azd/cmd/auth_login.go
index 753b9f69439..a8016d8b566 100644
--- a/cli/azd/cmd/auth_login.go
+++ b/cli/azd/cmd/auth_login.go
@@ -253,6 +253,35 @@ func newAuthLoginAction(
 }
 
 func (la *loginAction) Run(ctx context.Context) (*actions.ActionResult, error) {
+	loginMode, err := la.authManager.Mode()
+	if err != nil {
+		return nil, err
+	}
+	if loginMode != auth.AzdBuiltIn && !la.flags.onlyCheckStatus {
+		la.console.MessageUxItem(ctx, &ux.WarningAltMessage{
+			Message: fmt.Sprintf(
+				"azd is not using the built-in authentication mode, but rather '%s'", loginMode),
+		})
+		la.console.Message(ctx, "If you want to use 'azd auth login', you need to disable the current auth mode.")
+		response, err := la.console.Confirm(ctx, input.ConsoleOptions{
+			Message:      "Do you want to switch back to azd built-in authentication?",
+			DefaultValue: false,
+			Help: "azd supports multiple authentication modes, including " + string(auth.AzDelegated) + " and " +
+				string(auth.ExternalRequest) + " for Auth." +
+				" Switching back to azd built-in authentication will try to disable the current mode.",
+		})
+		if err != nil {
+			return nil, err
+		}
+		if !response {
+			return nil, fmt.Errorf("log in is not supported on current mode: %s", loginMode)
+		}
+		if err := la.authManager.SetBuiltInAuthMode(); err != nil {
+			return nil, fmt.Errorf("setting auth mode: %w", err)
+		}
+		la.console.Message(ctx, "Authentication mode set to azd built-in. Continuing login...")
+	}
+
 	if len(la.flags.scopes) == 0 {
 		la.flags.scopes = la.authManager.LoginScopes()
 	}
diff --git a/cli/azd/cmd/util.go b/cli/azd/cmd/util.go
index 3641f0c4db5..91b764e4ab8 100644
--- a/cli/azd/cmd/util.go
+++ b/cli/azd/cmd/util.go
@@ -161,7 +161,7 @@ func openWithDefaultBrowser(ctx context.Context, console input.Console, url stri
 	}
 
 	log.Printf("warning: failed to use manual launch: %v\n", err)
-	console.Message(ctx, fmt.Sprintf("Azd was unable to open the next url. Please try it manually: %s", url))
+	console.Message(ctx, fmt.Sprintf("azd was unable to open the next url. Please try it manually: %s", url))
 }
 
 type envFlagKey string
diff --git a/cli/azd/extensions/azure.coding-agent/internal/cmd/debt.go b/cli/azd/extensions/azure.coding-agent/internal/cmd/debt.go
index a9e8e37f635..569e984fe6b 100644
--- a/cli/azd/extensions/azure.coding-agent/internal/cmd/debt.go
+++ b/cli/azd/extensions/azure.coding-agent/internal/cmd/debt.go
@@ -78,5 +78,5 @@ func openWithDefaultBrowser(ctx context.Context, console input.Console, url stri
 	}
 
 	log.Printf("warning: failed to use manual launch: %v\n", err)
-	console.Message(ctx, fmt.Sprintf("Azd was unable to open the next url. Please try it manually: %s", url))
+	console.Message(ctx, fmt.Sprintf("azd was unable to open the next url. Please try it manually: %s", url))
 }
diff --git a/cli/azd/pkg/auth/manager.go b/cli/azd/pkg/auth/manager.go
index 1cfcf1073fe..ca834bbc5a5 100644
--- a/cli/azd/pkg/auth/manager.go
+++ b/cli/azd/pkg/auth/manager.go
@@ -1409,3 +1409,67 @@ func (m *Manager) LogInDetails(ctx context.Context) (*LogInDetails, error) {
 
 	return nil, ErrNoCurrentUser
 }
+
+type AuthSource string
+
+const (
+	AzdBuiltIn      AuthSource = "azd built in"
+	AzDelegated     AuthSource = "az cli"
+	ExternalRequest AuthSource = "external endpoint"
+)
+
+func (m *Manager) Mode() (AuthSource, error) {
+	// Check external
+	if m.UseExternalAuth() {
+		return ExternalRequest, nil
+	}
+
+	// check az delegation
+	cfg, err := m.userConfigManager.Load()
+	if err != nil {
+		return "", fmt.Errorf("fetching current user: %w", err)
+	}
+
+	if shouldUseLegacyAuth(cfg) {
+		return AzDelegated, nil
+	}
+
+	// default to azd
+	return AzdBuiltIn, nil
+}
+
+func (m *Manager) SetBuiltInAuthMode() error {
+	currentMode, err := m.Mode()
+	if err != nil {
+		return fmt.Errorf("fetching current auth mode: %w", err)
+	}
+	if currentMode == AzdBuiltIn {
+		return nil
+	}
+
+	if currentMode == ExternalRequest {
+		return fmt.Errorf("cannot change auth mode when external token mode is set. See %s",
+			"https://aka.ms/azd-auth")
+	}
+
+	// protecting against unexpected modes. There should be only azDelegated left.
+	if currentMode != AzDelegated {
+		return fmt.Errorf("Unexpected mode found: %s", currentMode)
+	}
+
+	// Unset the useAzCliAuthKey flag
+	cfg, err := m.userConfigManager.Load()
+	if err != nil {
+		return fmt.Errorf("reading user config: %w", err)
+	}
+
+	if err := cfg.Unset(useAzCliAuthKey); err != nil {
+		return fmt.Errorf("unsetting %s: %w", useAzCliAuthKey, err)
+	}
+
+	if err := m.userConfigManager.Save(cfg); err != nil {
+		return fmt.Errorf("saving user config: %w", err)
+	}
+
+	return nil
+}
diff --git a/cli/azd/pkg/llm/github_copilot.go b/cli/azd/pkg/llm/github_copilot.go
index 472afd80b97..809b9db4093 100644
--- a/cli/azd/pkg/llm/github_copilot.go
+++ b/cli/azd/pkg/llm/github_copilot.go
@@ -393,7 +393,7 @@ func newCopilotToken(githubToken string) (*tokenData, error) {
 	// Set headers to mimic an approved Copilot client
 	req.Header.Set("Authorization", "token "+githubToken)
 	req.Header.Set("Accept", "application/json")
-	req.Header.Set("User-Agent", "Azd/1.17.0")
+	req.Header.Set("User-Agent", "azd/1.17.0")
 
 	resp, err := client.Do(req)
 	if err != nil {