diff --git a/builder/azure/common/devicelogin.go b/builder/azure/common/devicelogin.go
index 6978749ec..a63f34cc1 100644
--- a/builder/azure/common/devicelogin.go
+++ b/builder/azure/common/devicelogin.go
@@ -20,7 +20,8 @@ import (
 var (
 	// AD app id for packer-azure driver.
 	clientIDs = map[string]string{
-		azure.PublicCloud.Name: "04cc58ec-51ab-4833-ac0d-ce3a7912414b",
+		azure.PublicCloud.Name:       "04cc58ec-51ab-4833-ac0d-ce3a7912414b",
+		azure.USGovernmentCloud.Name: "a1479822-da77-46a7-abd0-6edacc8a8fac",
 	}
 )
 
diff --git a/website/source/docs/builders/azure-setup.html.md b/website/source/docs/builders/azure-setup.html.md
index 697861c00..92ae04325 100644
--- a/website/source/docs/builders/azure-setup.html.md
+++ b/website/source/docs/builders/azure-setup.html.md
@@ -44,7 +44,7 @@ There are three pieces of information you must provide to enable device login mo
 
 > Device login mode is enabled by not setting client\_id and client\_secret.
 
-> Device login mode is for the public cloud only, and Linux VMs only.
+> Device login mode is for the Public and US Gov clouds only, and Linux VMs only.
 
 The device login flow asks that you open a web browser, navigate to <http://aka.ms/devicelogin>, and input the supplied
 code. This authorizes the Packer for Azure application to act on your behalf. An OAuth token will be created, and stored