Shared Access Signature (SAS) in Azure
A shared access signature (SAS) is a signed URI that points to one or more storage resources and includes a token that contains a special set of query parameters. Here, the token plays an important part, it indicates how the resources might be accessed by the client. Signature query parameters (sig) is constructed from the SAS parameters and signed with the key that was used to create the SAS. This signature is used by Azure Storage to authorize access to the storage resource. Azure Storage supports three types of SAS: User delegation SAS Secured with Microsoft Entra credentials and also by the permissions specified for the SAS. Applies to Blob storage only. Service SAS Secured with the storage account key. A service SAS delegates access to a resource in the following Azure Storage services: Blob storage, Queue storage, Table storage, or Azure Files. Account SAS Secured with the storage account key. An account SAS delegates access to resources in one or more of the storage service...