How to Generate a Shared Access Signatures (SAS) to an Azure Storage Account?


In today’s digital world, Azure Storage plays a critical role in helping organizations store and manage data in the cloud. To ensure the security and controlled access of this data, Azure offers a feature called Shared Access Signatures (SAS). SAS tokens serve as temporary access keys, enabling you to grant specific permissions to users without compromising your primary credentials. In this article, I’ll guide you through the process of generating SAS tokens for your Azure Storage Account, further enhancing your data security and access control.

Step 1. Begin by signing in to the Azure portal at

Step 2. Navigate to your storage account in the Azure portal. Inside the storage account, go to Security + networking and then click on Shared Access Signature.

Step 3. In the Shared Access Signature pane, choose the storage account services and the desired options for the shared access signature. For example, you can provide Read and List permissions to Blobs within a container. It is important to follow the principle of least privilege when assigning permissions to a SAS.

Next, select a start and end time to determine the validity of the SAS.

If necessary, you can also restrict requests to the storage account based on specific IP addresses using the SAS.

As a best practice, it is recommended to only allow the HTTPS protocol when using the SAS URI.

Finally, select the access key to sign the shared access signature. Please note that if you revoke the access key, any shared access signature created from the access key will be invalidated.

Shared Access Signature

Step 4. Once you have configured all the options, click on the “Generate SAS and connection string” button. This will provide you with three options for using the SAS: a connection string for applications, a SAS token, and a Blob service SAS URL.

Generate SAS and Connection String


Azure Storage’s Shared Access Signatures (SAS) offer a secure method to grant temporary access to your cloud data without exposing your primary credentials. This article has guided you through the process of generating SAS tokens for your Azure Storage Account, giving you enhanced data security and access control.

To learn more about how Skrots can help you with similar services, please visit our website Skrots. You can also explore all our services at Skrots Services. Additionally, feel free to check out our blog at Blog at Skrots . Thank you for choosing Skrots!

Show More

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button