New Training: Implement User Authentication and Authorization in Microsoft Azure

In this 6-video skill, CBT Nuggets trainer Trevor Sullivan covers user authentication and access controls in Microsoft Azure by using Azure Active Directory (AAD). Watch this new Azure training.

Watch the full course: Microsoft Certified: Azure Developer Associate

This training includes:

• 6 videos

• 40 minutes of training

You’ll learn these topics in this skill:

• Introduction to Authentication and Authorization in Microsoft Azure

• Controlling Access to Azure Resources with RBAC

• Shared Access Signatures (SAS) with Azure Storage Accounts

• Using PowerShell to Create and Consume Shared Access Signatures

• Creating an Azure Active Directory Application Registration

• Building an oAuth-Enabled Web Application with Azure Active Directory and JavaScript

What are Shared Access Signatures (SAS)?

A shared access signature (SAS) is an Azure feature that provides secure delegated access to resources that are in a storage account. You can use SAS to assert granular control over how clients can access the data stored in Azure. With SAS, you can define the resources that a client may access as well as the permissions that they have to these resources, and you can also determine how long a signature is valid.

There are three types of SAS: user delegation SAS, service SAS and account SAS. A user delegation SAS applies only to Blob storage and is secured by both Azure Active Directory (Azure AD) credentials and SAS permissions. A service SAS applies to Blob, Queue or Table storage and Azure files and is secured with the storage account key. An account SAS is also secured with a storage account key and delegates access to any Azure storage.