Skip to content

Authorization Methods

Jump to bottom
SimonOfHH edited this page Dec 27, 2020 · 5 revisions

Azure supports multiple options to authorize requests (see here). The App supports the following right now:

Option Status Description
Shared Key (Storage Account Key) Use one of the keys you can find under "Settings" --> "Access keys" in the Azure portal for your Storage Account (or via Get-AzStorageAccountKey)
Shared Access Signature (SAS) Generate a SAS token under "Settings" --> "Shared access signature" in the Azure portal for your Storage Account (or via New-AzStorageAccountSASToken)
Azure Active Directory (Azure AD) (✓) Partly; can be used with grant_type=client_credentials (non-interactive); client_id (or application_id), client_secret and tenant_id are needed; Tutorial will follow
Active Directory (preview) not planned

Authorizing in App

Using the different Authorization Methods within the app couldn't be easier. You only call InitializeAuthorization of Codeunit "AZBSA Request Object" with the desired value of Enum "AZBSA Authorization Type" and pass the secret (either the Shared Key (aka Access Key) or with the Shared access signature.

Example for Shared Key

local procedure AuthWithSharedKey()
var
    API: Codeunit "AZBSA Blob Storage API";
    RequestObject: Codeunit "AZBSA Request Object";
    AuthType: Enum "AZBSA Authorization Type";
begin
    RequestObject.InitializeAuthorization(AuthType::SharedKey, '02ruoBoh....jjwgooov49oMA==');
    // ...
    // [Your Code here]
    // ...
end;

Example for Shared Access Signature (SAS)

local procedure AuthWithSharedAccessSignature()
var
    API: Codeunit "AZBSA Blob Storage API";
    RequestObject: Codeunit "AZBSA Request Object";
    AuthType: Enum "AZBSA Authorization Type";
begin
    RequestObject.InitializeAuthorization(AuthType::SasToken, 'sv=2019-12-12&ss=bfqt&srt=sco&sp=rwdlacupx&se=2020-12-07T13:13:44Z&st=2020-12-07T....%2BuQwAbZ9wTfrqMdOlg67k4%3D');
    // ...
    // [Your Code here]
    // ...
end;

Example for Azure AD (AAD)

local procedure AuthWithAzureAD()
var
    API: Codeunit "AZBSA Blob Storage API";
    RequestObject: Codeunit "AZBSA Request Object";
    AuthType: Enum "AZBSA Authorization Type";
begin
    RequestObject.InitializeAuthorization(AuthType::"AAD (Client Credentials)", '0AB6Q~y2l...-9yJ_6sO', '7bf10000-0000-0000-0000-000044e760ce', '277c0000-0000-0000-0000-0000724060d2');
    // ...
    // [Your Code here]
    // ...
end;
  1. Overview
  2. API Coverage Status
  3. Authorization Methods
  4. Usage
    1. Tutorial
    2. Optional URI Parameters
    3. Optional Request Headers
  5. Object Overview
    1. Blob Storage Connection
    2. Blob Storage API
  6. Examples
    1. Container
    2. BLOBs
  7. FAQ
Clone this wiki locally