Authentication with Azure Data Lake Storage Gen1 using Azure Active Directory

Azure Data Lake Storage Gen1 uses Azure Active Directory for authentication. Before authoring an application that works with Data Lake Storage Gen1, you must decide how to authenticate your application with Azure Active Directory (Azure AD).

Authentication options

  • End-user authentication - An end user's Azure credentials are used to authenticate with Data Lake Storage Gen1. The application you create to work with Data Lake Storage Gen1 prompts for these user credentials. As a result, this authentication mechanism is interactive and the application runs in the logged in user's context. For more information and instructions, see End-user authentication for Data Lake Storage Gen1.

  • Service-to-service authentication - Use this option if you want an application to authenticate itself with Data Lake Storage Gen1. In such cases, you create an Azure Active Directory (AD) application and use the key from the Azure AD application to authenticate with Data Lake Storage Gen1. As a result, this authentication mechanism is non-interactive. For more information and instructions, see Service-to-service authentication for Data Lake Storage Gen1.

The following table illustrates how end-user and service-to-service authentication mechanisms are supported for Data Lake Storage Gen1. Here's how you read the table.

  • The ✔* symbol denotes that authentication option is supported and links to an article that demonstrates how to use the authentication option.
  • The ✔ symbol denotes that the authentication option is supported.
  • The empty cells denote that the authentication option is not supported.
Use this authentication option with... .NET Java PowerShell Azure CLI Python REST
End-user (without MFA**) ✔*(deprecated) ✔*
End-user (with MFA) ✔* ✔* ✔* ✔*
Service-to-service (using client key) ✔* ✔* ✔* ✔*
Service-to-service (using client certificate) ✔*

* Click the ✔* symbol. It's a link.
** MFA stands for multi-factor authentication

See Authentication Scenarios for Azure Active Directory for more information on how to use Azure Active Directory for authentication.

Next steps