Creating a shared access signature for a container or blob
The Azure Blob service supports fully authenticated requests, anonymous requests, and requests authenticated by a temporary access key, referred to as a shared access signature. The latter allows access to containers or blobs to only those in possession of the shared access signature.
A shared access signature is constructed from a combination of the following:
- Resource (container or blob)
- Access rights (read, write, delete, and list)
- Start time
- Expiration time
- Advanced settings
These are combined into a string from which a 256-bit HMAC is generated. An access key for the storage account is used to seed the HMAC generation. This HMAC is referred to as a shared access signature. The process of ...
Get Microsoft Azure Development Cookbook Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.