none
Table storage REST API Shared Key Authentication

    Question

  • I have to first say that the documentation for the Azure Storage REST API is horrible, and I'm having a difficult time finding any updated sample code on any of Microsoft's web properties or in blogs.

    The format of the signature string is as follows according to the documentation:

    StringToSign = VERB + "\n" + 
                   Content-MD5 + "\n" + 
                   Content-Type + "\n" +
                   Date + "\n" +
                   CanonicalizedResource;

    An issue I have with this signature string is that there doesn't seem to be any operations that require Content-MD5 in the request header. So why is it necessary in the signature string? Is it optional? There's no mention of it being required or optional.

    I also have an issue with constructing the canonicalized resource string. I can't find any documentation on the correct format for entity operations that use this type of URL:

    PUT https://myaccount.table.core.windows.net/mytable(PartitionKey='myPartitionKey',RowKey='myRowKey')

    What's the format for the canonicalized string? Does everything starting with the left parenthesis get stripped out like query strings do? If not, does it need to be URL-encoded? It's a complete mystery.

    This is the extent of the sample canonicalization that's provided:

    Get Container Metadata
       GET http://myaccount.blob.core.windows.net/mycontainer?restype=container&comp=metadata 
    CanonicalizedResource:
        /myaccount/mycontainer\ncomp:metadata\nrestype:container
    
    List Blobs operation:
        GET http://myaccount.blob.core.windows.net/container?restype=container&comp=list&include=snapshots&include=metadata&include=uncommittedblobs
    CanonicalizedResource:
        /myaccount/mycontainer\ncomp:list\ninclude:metadata,snapshots,uncommittedblobs\nrestype:container
    
    Get Blob operation against a resource in the secondary location:
       GET https://myaccount-secondary.blob.core.windows.net/mycontainer/myblob
    CanonicalizedResource:
        /myaccount/mycontainer/myblob

    No examples for table storage at all.

    Thursday, May 28, 2015 4:26 PM

Answers

All replies

  • Hi,

    We are currently researching on this to find more data/documents to assist you with Shared Key Authentication in Table Storage using REST API.
    We'll keep you updated with our findings.
    Appreciate your patience.

    Regards,
    Malar.

    Friday, May 29, 2015 11:22 AM
  • Hi,

    Have you checked the samples in the following link:
    http://azurestoragesamples.codeplex.com/

    There is a download for a REST sample and a SDK sample.  Although the sample is several years old, I think the code will give you an idea of how to write a storage client. 

    Hope this is helpful.

    Regards,
    Malar.

    Monday, June 1, 2015 6:12 AM