Hello Leon H,
Thank you for posting your query here!
Can you please ensure that you have assigned the appropriate RBAC role to this service principal? Here are the detailed steps to correctly assign the necessary roles to the service principal. This will ensure that it has the required permissions to access the Azure Blob Storage:
Steps to Assign Role to Service Principal:
Step 1: Open Azure Portal
Go to Azure Portal.
Step 2: Navigate to Your Storage Account
Find and select the specific Storage Account where the blob resides.
Go to the "Access control (IAM)" section.
Step 3: Add Role Assignment
Click on "+ Add" and select "Add role assignment" to open the Add role assignment pane.
Step 4: Select the Appropriate Role
Choose the role that corresponds to the access level you want the application to have. For reading blobs, select "Storage Blob Data Reader". If the application needs to write or delete blobs, select "Storage Blob Data Contributor".
Step 5: Assign Access to the Service Principal
Under "Assign access to", select "Service Principal".
In the search box, type the name of your app registration or the client ID. It should appear in the search results.
Select your service principal from the list.
Step 6: Save the Role Assignment
Click "Save" to apply the role assignment.
Source: https://stackoverflow.com/questions/78363041/403-exception-trying-to-read-file-in-azure-blob
I hope this helps! Please let me know if the issue persists or if you have any other questions.
Please do not forget to "Accept the answer" and "up-vote" wherever the information provided helps you; this can be beneficial to other community members.
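
Added example (not part of the original answer): the same role assignment done with the Azure CLI instead of the portal. It goes one step beyond the steps above by optionally scoping the assignment to a single container rather than the whole storage account. The function names and every argument value are placeholders chosen for this illustration.

```bash
#!/usr/bin/env bash
# Added example: CLI equivalent of the portal steps. Function names are
# hypothetical; all IDs and names passed in are placeholders you supply.

# Build the RBAC scope. With a container name, access is limited to that container.
blob_scope() {  # args: subscription-id resource-group storage-account [container]
  local s="/subscriptions/$1/resourceGroups/$2/providers/Microsoft.Storage/storageAccounts/$3"
  if [ -n "${4:-}" ]; then
    s="$s/blobServices/default/containers/$4"
  fi
  printf '%s\n' "$s"
}

# Map the access the application needs to the role named in Step 4.
blob_role() {  # arg: read | write
  case "$1" in
    read)  echo "Storage Blob Data Reader" ;;
    write) echo "Storage Blob Data Contributor" ;;
    *)     echo "unknown access level: $1" >&2; return 1 ;;
  esac
}

# Assign the role to the service principal, then list the roles it holds at that scope.
assign_blob_role() {  # args: app-client-id access subscription-id resource-group account [container]
  local app_id="$1" role scope sp_oid
  role="$(blob_role "$2")" || return 1
  scope="$(blob_scope "$3" "$4" "$5" "${6:-}")"
  # Resolve the app registration's client ID to the service principal's object ID.
  sp_oid="$(az ad sp show --id "$app_id" --query id -o tsv)" || return 1
  az role assignment create \
    --assignee-object-id "$sp_oid" \
    --assignee-principal-type ServicePrincipal \
    --role "$role" \
    --scope "$scope" || return 1
  # Verification: the role name should appear in this output.
  az role assignment list --assignee "$sp_oid" --scope "$scope" \
    --query "[].roleDefinitionName" -o tsv
}

# Example call (placeholders; needs `az login` as an identity allowed to assign roles):
# assign_blob_role <app-client-id> read <subscription-id> <resource-group> <storage-account> <container>
```

A new role assignment can take a few minutes to take effect, so a 403 immediately after running it does not by itself mean the assignment failed.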