locked
Authentication with ADAL for BLOB storage on Android RRS feed

  • Question

  • I'm trying to upload to BLOB storage using an Android app.

    Here are the steps I've taken.

    1. Created a user in Active Directory and accepted the email invite
    2. Created the application registration
    3. Added azure storage api permission to this application
    4. Assigned the user to the application
    5. Signed in with that user and accepted the permission request to access Azure blob storage

    The problem is, I don't see how I can use this authentication result for BLOB storage. I get an access token (AuthenticationResult.getAccessToken()), but the blob storage only takes a storage access and key or storage shared access signature with the StorageCredentialsSharedAccessSignature and StorageCredentialsAccountAndKey methods.  I could use Key Vault but I can't find any information on doing that on Android either.

    How do I use ADAL (or MSAL) to get different shared access signatures for each user? I need different shared access signatures for different customers, so I can't just hard code it into the app.

    Thank you

    Friday, March 20, 2020 11:44 AM

All replies

  •  @p12certificate Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused. 

    Everything you listed below is correct AFAIK, except you should probably be using MSAL not ADAL to get your token.

    Presently there is no android library at this time that can do Oauth, if you want to do OAuth on Android I would recommend going for REST API, just make sure of 2 things

    1. X-ms-version should be 2019-07-07
    2. The access token you get from MSAL/ADAL, put it in the authorization header as “Bearer <token>”

    However I will check with my internal team when the Android sdk situation can be available

    Hope this helps!

    Kindly let us know if the above helps or you need further assistance on this issue.
    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    Monday, March 23, 2020 8:02 AM
  •  @p12certificate Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused. 

    Everything you listed below is correct AFAIK, except you should probably be using MSAL not ADAL to get your token.

    Presently there is no android library at this time that can do Oauth, if you want to do OAuth on Android I would recommend going for REST API, just make sure of 2 things

    1. X-ms-version should be 2019-07-07
    2. The access token you get from MSAL/ADAL, put it in the authorization header as “Bearer <token>”

    However I will check with my internal team when the Android sdk situation can be available

    Hope this helps!

    Kindly let us know if the above helps or you need further assistance on this issue.
    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    How do I get a shared access signature for the BLOB storage Android SDKithout hard coding it into the app? Can I do this with MSAL or ADAL?
    Tuesday, March 24, 2020 9:09 AM
  • If you are thinking MSAL/ADAL you are only restricted to using the OAuth flows. Unless the token you get is for key vault and the key vault has your SAS.

    Kindly let us know if the above helps or you need further assistance on this issue.
    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    Thursday, March 26, 2020 6:34 AM
  •  Just checking in to see if the above answer helped. If this answers your query, do click “Mark as Answer” and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
    Wednesday, April 1, 2020 6:43 AM
  • @p12certificate Just checking in to see if the above answer helped. If this answers your query, do click “Mark as Answer” and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
    Tuesday, April 7, 2020 5:25 AM
  • @p12certificate Just checking in to see if the above answer helped. If this answers your query, do click “Mark as Answer” and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
    Wednesday, April 15, 2020 5:33 PM