![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 86%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
3,192 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 64%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENR%3C/text%3E%3C/svg%3E)
Hello Pallab,
Greetings! Welcome to Microsoft Q&A Forum.
Based on the error message, It's permission issue. Please provide mentioned access for client_id = "xxxxxxxxxxxxxxxxxxxxxxx" ( IAM permission) please go into your storage account > IAM > Add role assignment and add the special permissions for this type of request. Other possible ways is due to the Wrong Storage Account Keys and/or Storage Account name or SAS Expired or Azure Storage Firewall has been configured and customer's IP/subnet has not been granted access. (You can also get a 403 error if the time on the server is not in sync with the time on storage servers.
Verify correct credentials:
- Ensure that the client ID you’re using has the necessary permissions. You mentioned that you’ve granted the Storage Blob Data Contributor role to the app, which is a good start.
- However, also verify that the app has the required permissions for the specific operation (PUT request in this case). Sometimes, it’s not just about the role but also about the specific permissions within that role.
- Go to your storage account in the Azure Portal, navigate to IAM (Identity and Access Management), and add the necessary permissions for your app.
Make sure that the Storage Account name is correct and has not been mistyped. The above error messages can also be seen if the Storage Account name is not correct.
Make sure you’re using the correct bearer token in your request. Double-check that the token you’re manually replacing is indeed the one obtained via Auth Code flow.
Also Enabling "Allow trusted Microsoft services to access this storage account" allows you to access storage account.
Ensure that you have _Contributor _and Blob Data Contributor permissions on the storage account.
Additional information: Assign an Azure role for access to blob data
Similar issue SO thread for reference - https://stackoverflow.com/questions/66525481/authorization-permission-mismatch-when-trying-to-put-a-file-in-azure-blob-with-a, https://stackoverflow.com/questions/72653133/status-403-code-authorizationfailure-message-this-request-is-not-authorized-t
And the above diagnostic in Azure portal, redirecting you to submit the issue details to create a azure support ticket.
Hope this answer helps! Please let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.