CODEWITHSUNDEEP
angularjsazureazure-active-directoryazure-blob-storageazureportal
Bridget Arrington
Bridget Arrington

Reputation: 444

AngularJS adal Authentication to Azure Blob Storage

I have an angularJS project. I've included azure-blob-storage.js in my scripts and I am able to get access using SAS but not the AD authentication.

I have added Azure Storage API permissions to the AD App Registration and given the App Reader and Contributor roles to the storage account.

adalAuthenticationService.acquireToken({clientId},
        function(error, token) {
          // Handle ADAL Error
          if (error || !token) {
            return;
          }
        }).then(function (token) {
var tokenCredential = new AzureStorage.Blob.TokenCredential(token);
var blobService = AzureStorage.Blob.createBlobServiceWithTokenCredential({myStorageAccountURI}, tokenCredential);

I get the following error:

<Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature....</Message>
<AuthenticationErrorDetail>Audience validation failed. Audience did not match.</AuthenticationErrorDetail></Error>

Upvotes: 1

Views: 487

Answers (1)

juunas
juunas

Reputation: 58723

The error Audience validation failed. Audience did not match. means the token audience (= intended receiver) is wrong. You are most likely acquiring a token for your app with your client id. You need to switch it to https://storage.azure.com/ in the call to acquireToken().

And also your user needs to have the read/write access to the blobs as you found out :)

Upvotes: 1

Related Questions