Hello Nipuna Weerasinghe,
Thank you for posting your query here!
As mentioned earlier, Azure Blob Storage is a good option for storing large amounts of unstructured data like documents, images, and videos. It provides high availability, high durability, and massive scalability for data objects. You can use Azure Blob Storage with Power Apps to allow users to upload and download files.
I also thinking blob storage, but how easy enough B2C user to upload and download documents from blob? User required direct access to the containers in blob to upload documents manully, the power page app provides the link to the container. Initially I was thinking Sharepoint Online, but b2C won't get access, so can't use. Thanks.
Direct access to Blob Storage for B2C users is not typically recommended due to security reasons. Instead, you can create an intermediary service, such as an API, that handles the file uploads and downloads. This service would have the necessary permissions to interact with Blob Storage.
You can use Azure Active Directory (AAD) B2C for authentication.
Implement Azure Functions to act as a middle layer between your Power Pages and Azure Blob Storage. These functions will handle the file uploads and downloads, ensuring that users do not have direct access to the storage, which secures your data.
Use Shared Access Signatures (SAS) to give users temporary, secure access to the Blob Storage for uploading or downloading files without exposing your storage account keys. SAS tokens can be generated dynamically by Azure Functions.
Use Azure Functions as APIs that your Power Pages application can call to perform upload and download operations.
Implement file upload controls within Power Pages for users to select files. When a file is selected, trigger the corresponding API endpoint to upload the file to Blob Storage via Azure Functions.
Similarly, for downloading documents from Azure Blob Storage, Azure Functions will generate SAS-enabled URLs for the files stored in Blob Storage. These URLs contain SAS tokens that grant temporary access to the files. Provide these URLs as download links within your Power Pages application, allowing users to securely download the files they need.
You may also refer the following post on similar query: https://stackoverflow.com/questions/69788250/how-to-authorize-azure-b2c-user-to-read-blob-storage
Do let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.