@jeff bushberg Welcome to Microsoft Microsoft Q&A Forum, Thank you for posting your query here!
For better understanding the issue: Are you using Azure Blob or Files Storage?
May I know what exactly are you trying to accomplish?
Azure Storage supports using Microsoft Entra ID to authorize requests to blob data. With Microsoft Entra ID, you can use Azure role-based access control (Azure RBAC) to grant permissions to a security principal, which may be a user, group, or application service principal. The security principal is authenticated by Microsoft Entra ID to return an OAuth 2.0 token. The token can then be used to authorize a request against the Blob service.
Azure Files supports identity-based authentication for Windows file shares over Server Message Block (SMB) using the Kerberos authentication protocol through the following methods:
- On-premises Active Directory Domain Services (AD DS)
- Microsoft Entra Domain Services
- Microsoft Entra Kerberos for hybrid user identities
Microsoft Entra Domain Services provides managed domain services such as domain join, group policies, LDAP, and Kerberos/NTLM authentication. These services are fully compatible with Active Directory Domain Services. For more information, see Microsoft Entra Domain Services
Overview of Azure Files identity-based authentication options for SMB access
Enable Microsoft Entra Domain Services authentication on Azure Files
Choose how to authorize access to file data in the Azure portal(Use your Microsoft Entra account)
Understand authorization for data operations Authorize access to data in Azure Storage
Please let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.