Share via

When generating a SAS token, specifying the path causes an authorization failure.

Jun 0 Reputation points
2024-12-12T14:52:46.71+00:00

I use following code to generate SAS token, when path is null or empty string, it's working.

String sasToken = new DataLakeSasImplUtil(signatureValues, container, path, true)             .generateUserDelegationSas(userDelegationKey, accountName, Context.None);

But, when I specify path, it will fail. I get error message below

Status code 403
AuthenticationFailed
Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.

I give path data/testTable, and do sql execution INSERT INTO testTable VALUES (1, 'a', cast('2023-10-01 01:00:00' as timestamp));

Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,510 questions
Azure Data Lake Analytics

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Keshavulu Dasari 2,410 Reputation points Microsoft Vendor
    2024-12-16T02:20:24.15+00:00

    Hi Jun ,
    Greetings! Welcome to Microsoft Q&A Forum. Thanks for posting you query here!
    when generating a SAS token for Azure Data Lake Storage. This can happen due to several reasons, including incorrect path formatting or insufficient permissions.
    I suggest few steps you can take to troubleshoot the issue.

    1. Path Formatting: Ensure that the path you specify is correctly formatted. For example, it should not start with a leading slash. Instead of data/testTable, try data/testTable.
    2. Permissions: Verify that the permissions set in the SAS token are appropriate for the operations you intend to perform. For example, if you need to write to the path, ensure that the write permission is included.

    Make sure the SAS token is generated with the correct scope. If you're specifying a path, the token needs to have permissions for that specific path.
    Error Details: The error message Status code 403 AuthenticationFailed indicates that the server failed to authenticate the request. This could be due to an incorrect signature. Double-check the values used to generate the SAS token, including the account name, key, and permissions.
    For more information:
    https://learn.microsoft.com/en-us/azure/storage/blobs/storage-blob-java-get-started?tabs=azure-ad

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members. 

    If you have any other questions or are still running into more issues, let me know in the "comments" and I would be happy to help you

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.