Hi Community,
I have recently been trying to make Cosmos table access more secure using a SAS token. I have an existing implementation that accesses the table using CloudTableClient, and I observed that CloudTableClient can be created using a SAS token, so I gave it a try, but I am stuck due to an issue discussed here.
These are the steps I followed:
- First, I create the CloudTableClient:
    StorageCredentials credentials = new StorageCredentials(
        cosmosTableSettings.Uri.Host.Split('.').First(),
        accountKey.ToOriginalString());
    var cosmosTableClient = new CloudTableClient(cosmosTableSettings.Uri, credentials);
- I get the SAS token:
    var tableRef = cosmosTableClient.GetTableReference(tableName);
    SharedAccessTablePolicy policy = new SharedAccessTablePolicy()
    {
        SharedAccessExpiryTime = DateTime.UtcNow.AddHours(1),
        Permissions = SharedAccessTablePermissions.Add
            | SharedAccessTablePermissions.Query
            | SharedAccessTablePermissions.Update
            | SharedAccessTablePermissions.Delete
    };
    string sasToken = tableRef.GetSharedAccessSignature(policy);
- I create a CloudTableClient from the SAS token:
    credentials = new StorageCredentials(sasToken);
    cosmosTableClient = new CloudTableClient(cosmosTableSettings.Uri, credentials);
- Finally, I try to check whether the table exists (or perform any other operation) from this new client:
    var cosmosTable = this.Client.GetTableReference(tableName);
    var options = new TableRequestOptions()
    {
        // For the sake of consistency, we handle the retry logic with a
        // custom more robust retry policy whose data type matches across the data store
        // implementations.
        RetryPolicy = new Microsoft.Azure.Cosmos.Table.NoRetry()
    };
    await cosmosTable.ExistsAsync(options, new OperationContext(), cancellationToken).ConfigureAwait(false);
But in the last step I get the following error:
{"Value cannot be null. (Parameter 'authKeyOrResourceToken | secureAuthKey')"}
The stack trace is:
at Microsoft.Azure.Cosmos.Table.Extensions.TableExtensionOperationHelper.<ExecuteOperationAsync>d__0`1.MoveNext()
at Microsoft.Azure.Cosmos.Table.Extensions.TableExtensionRetryPolicy.<ExecuteUnderRetryPolicy>d__2`1.MoveNext()
at Microsoft.Azure.Cosmos.Table.CloudTable.<ExistsAsync>d__85.MoveNext()
Please let me know whether SAS tokens are supported with CloudTableClient/CloudTable, or whether I am missing something else.
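
An added example, not part of the original post: a check that parses the token string produced in the second step and reports what it actually grants (table scope, permissions, lifetime, protocol) before it is handed to a client. It assumes the token uses the Azure Storage table SAS query-string format (`tn`, `sp`, `se`, `spr`, `sig`); the class name `TableSasAudit`, the method `Audit`, the table name and the sample token are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Web;

// Hypothetical helper, not part of the SDK.
public static class TableSasAudit
{
    // Table SAS permission letters: r=Query, a=Add, u=Update, d=Delete.
    public static IReadOnlyList<string> Audit(string sasToken, string expectedTable,
        string allowedPermissions, TimeSpan maxLifetime, DateTimeOffset now)
    {
        var findings = new List<string>();
        var q = HttpUtility.ParseQueryString(sasToken.TrimStart('?'));

        if (string.IsNullOrEmpty(q["sig"]))
            findings.Add("no sig field: token is unsigned or truncated");

        if (!string.Equals(q["tn"], expectedTable, StringComparison.OrdinalIgnoreCase))
            findings.Add($"tn='{q["tn"]}' does not match expected table '{expectedTable}'");

        var extra = (q["sp"] ?? "").Where(c => !allowedPermissions.Contains(c)).ToArray();
        if (extra.Length > 0)
            findings.Add($"sp grants more than allowed: {new string(extra)}");

        if (!DateTimeOffset.TryParse(q["se"], CultureInfo.InvariantCulture,
                DateTimeStyles.AssumeUniversal, out var expiry))
            findings.Add("se (expiry) missing or unparseable");
        else if (expiry - now > maxLifetime)
            findings.Add($"expiry {expiry:u} exceeds max lifetime {maxLifetime}");

        if (q["spr"] != "https")
            findings.Add("spr is not 'https': token is not restricted to HTTPS");

        return findings;
    }

    public static void Main()
    {
        // Constructed sample token; the signature is a placeholder, not a real value.
        const string sample = "sv=2018-03-28&tn=orders&sp=raud&se=2030-01-01T13%3A00%3A00Z&sig=PLACEHOLDER";
        var now = DateTimeOffset.Parse("2030-01-01T12:00:00Z", CultureInfo.InvariantCulture);
        foreach (var finding in Audit(sample, "orders", "r", TimeSpan.FromMinutes(30), now))
            Console.WriteLine(finding);
    }
}
```

With a read-only allow-list and a 30-minute ceiling, the sample token is flagged for the extra `aud` permissions, the one-hour lifetime, and the missing `spr=https` restriction.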