Reputation: 5217
Revoke Shared Access Signatures after initial access in Azure Storage
I would like to essentially allow for one-time access to certain blob resources, requiring the user to check back with my server to get a new shared access signature before being able to access the resource again.
I have an implementation of this that I currently use, but I'm curious if there's something more ideal out there (particularly something already implemented in the Azure API that I missed).
Right now, a user can request the resource from the server. It validates their access to it, creates a unique hash in a database, directs the user to a link with that hash and the user loads the page. Once the page loads and they've completely downloaded the resource, I immediately invalidate the hash value in the database so it cannot be used again.
I know that Shared Access Signatures allow for time-based expiration, but do they allow for any sort of retrieval-count-based expiration, in that the user can completely download the resource and then the SAS invalidate itself? Thanks!
Upvotes: 2
Views: 462
Answers (1)
Reputation: 1378
One time use is not supported by SAS tokens. If you get a chance it would be great if you could add this request to our Azure Storage User Voice Backlog. I would also encourage other people with the same requirement to vote on that as wel.
Thanks
Jason
Upvotes: 3
Related Questions
- how to revoke Shared Access Signature in Azure SDK
- Revoke azure disk SAS (shared access signature) of disk
- How can I prevent an Azure Storage Shared Access Signature based on a Stored Access Policy being cached in the browser
- Can't create working Shared Access Signature for Azure Files
- Shared Access Signature to manipulate Azure blob container
- Azure Shared Access Signature for whole storage account
- Azure Shared Access Signatures To Restrict Access
- Azure Blob: revoking Shared Access Signature Policy
- Shared Access Signatures in Azure for client blob access
- Revoking shared access signatures on individual blobs