This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 33%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Can two Azure Tenants (with RBAC) use a storage account for data exchange? We tried and getting 401 error.
Any help to resolve this is much appreciated.
Below is our scenario...
Tenant 1: tenantA
Multi Tenant App: appA (daemon app type)
Tenant 2: tenantB
Storage Account: storageB
Tenant Admin consent "appA" and grant 'Storage Blob Data Contributor' application permission on storageB. Below is how we set permissions (We choose Microsoft Graph User.Read.All for lack knowledge what else to choose)
Now, Can tenantA write to storageB using Azure Storage SDK?
Well, we are getting below exception when we tried!
*Azure.RequestFailedException: Server failed to authenticate the request. Please refer to the information in the www-authenticate header.
RequestId:ab6e2992-001e-0089-16dd-d52538000000
Time:2020-12-19T08:07:07.8901668Z
Status: 401 (Server failed to authenticate the request. Please refer to the information in the www-authenticate header.)
Error Code: InvalidAuthenticationInfo
Headers:
Server: Microsoft-HTTPAPI/2.0
x-ms-request-id:*
This is now resolved, issue was...
We switched using app host tenant ID (tenantA) to consented tenant ID (tenantB).
@Porsche Me Glad to hear that issue got fixed. Appreciate for sharing the steps which helped you, this would certainly benefit other community members.
Please don’t forget to "Accept the answer" your answer and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.