question

BigMarty-7674 avatar image
0 Votes"
BigMarty-7674 asked amanpreetsingh-msft commented

AD B2C with User Delegate SAS for Azure Blob Storage

In the process of designing a mobile application (IOS & Android) utilizing Xamarin Forms with AD B2C handling logins. We would like to use User Delegate SAS to grant access to Azure Blob Storage for video upload / download directly to/from the client device. Our plan was to have our backend use the OAuth tokens provided by users during login to our backend to have our backend request user delegation keys from Azure Storage, which our backend could then use to sign SAS tokens to send to users client application which would then allow access to Azure blob storage. The problem we are having is the AD B2C is not working for this use. We are not seeing a way to make this design work. We are currently contemplating switching to Service SAS, as our backend can then sign SAS tokens with the needed permissions. Any thoughts on our approach, design, or methodology? All the best and thank you in advance should anyone have any insight.

azure-active-directoryazure-ad-b2cazure-blob-storage
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered amanpreetsingh-msft commented

Hi @BigMarty-7674 · Thank you for your query.

The Azure AD B2C tenant doesn't include the API for Azure Storage i.e., https://storage.azure.com/, which is why it won't be possible to pass the scp claim in the token with value https://storage.azure.com/user_impersonation. Which is why, I don't think the scenario you have provided can be achieved with B2C user accounts.

I would suggest you to post an idea regarding this at our feedback portal, which is monitored by the product group for product enhancements.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @BigMarty-7674 · Just checking if you have any further question.

0 Votes 0 ·