403 Server failed to authenticate on Blob Stored GeoTIFF

J Wall 20 Reputation points
2024-07-31T20:47:59.2966667+00:00

Hello,

I am trying to serve a GeoTIFF in a container, but am reciving a status code: 403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.

Looking around online, I noticed I need to configure my CORS which I have done using the following parameters: User's image

From there, I navigated to the GeoTIFF, select it then open the "Generate SAS" tab. I select all permissions, keep the default times (which match the clock on my development machine), and use HTTPS only.

I add my URL string with SAS token to my JavaScript within my HTML file, but it never renders. I've checked my JS and HTML code using example GeoTIFFs from GitHub which have all rendered as expected.

I am uncertain what else I need to do to serve out these images. Does anyone have any ideas?

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,934 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Nehruji R 8,151 Reputation points Microsoft Vendor
    2024-08-01T05:41:34.1966667+00:00

    Hello J Wall,

    Greetings! Welcome to Microsoft Q&A Platform.

    I understand that you’re encountering an authentication issue with your Geo TIFF container. The error message indicates that the server failed to authenticate the request, suggesting that there might be an issue with the Authorization header.

    · One of the reasons why this error occurs is you try with the wrong SAS token, or you may give the wrong SAS parameter you have passed in your SAS-URL.

    You may use a tool like Postman to perform the same operation and compare the headers and authorization strings.

    For detailed steps please refer: https://stackoverflow.com/questions/76718804/azurestorage-blob-server-failed-to-authenticate-the-request-error-while-trying.

    Reference:

    https://learn.microsoft.com/en-us/rest/api/storageservices/delete-blob?tabs=azure-ad

    · The stringToSign used in creating the Authorization header should be correctly formatted. In some cases, assigning content length as 0 in stringToSign when it should be an empty string can cause a 403 error: Azure Blob Storage - Error trying to delete blob with API REST with C# - Stack Overflow

    · If the blob has an active lease, the x-ms-lease-id header is required. https://learn.microsoft.com/en-us/rest/api/storageservices/delete-blob?tabs=microsoft-entra-id#request-headers. Also, please make sure to check if the Clock on your computer is correct.

    Please consider checking below steps to resolve the issue,

    • Enabling "Allow trusted Microsoft services to access this storage account" allows you to access storage account.
    • Make sure to have the required permissions like Contributor and User Access Administrator roles / Storage Blob Data Owner role.
    • Since you’ve already configured CORS, double-check that the settings are correct and that the allowed origins, methods, and headers are properly set up.
    • If your storage account has firewall rules enabled, make sure that your client IP address is allowed. This can sometimes cause authentication issues.
    • Make sure your CORS settings allow requests from your development environment. This includes allowing the necessary HTTP methods (GET, POST, etc.) and headers.
    • If your GeoTIFF is hosted on a different domain, ensure that your server supports cross-origin requests. Ensure you are using the correct methods from the GeoTIFF.js library to load and render the GeoTIFF.
    • For testing purposes, you might want to temporarily set the container’s access level to public to see if the issue persists. This can help isolate whether the problem is with the authentication configuration.

    Similar error thread for reference - https://stackoverflow.com/questions/78021236/403-server-failed-to-authenticate-the-request-make-sure-the-value-of-authorizat, https://stackoverflow.com/questions/72653133/status-403-code-authorizationfailure-message-this-request-is-not-authorized-t,https://stackoverflow.com/questions/75981712/how-to-fix-server-failed-to-authenticate-the-request-please-refer-to-the-inform

    Do let us know if you have any further queries. I’m happy to assist you further.

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.