SAS Token Authentication For Azure Storage Endpoints (Mainly Azure Synapse)
The Azure storage account credentials currently requires access key for both Blob Storage and ADLS gen 2 when it is used for staging area in Azure Synapse target endpoint. We notice that this also is the case for other few endpoint.
Customers generally prefer SAS token instead of access key, as it provides a more secure delegated access to the resources in the storage groups. With SAS token, we can have a more granual control on access of the data and also we can restrict permissions on the resources to limited IP's, enforce time bound access validitity and so forth. I believe the use of SAS token enhances security level to the storage accounts compared to access keys.
NOTE: Upon clicking this link 2 tabs may open - please feel free to close the one with a login page. If you only see 1 tab with the login page, please try clicking this link first: Authenticate me! then try the link above again. Ensure pop-up blocker is off.
