Managed identities

A common challenge for developers is the management of secrets and credentials to secure communication between different services. On Azure, managed identities eliminate the need for developers having to manage credentials by providing an identity for the Azure resource in Azure AD and using it to obtain Azure Active Directory (Azure AD) tokens.


Managed identities are only available for Media Services accounts created using the v3 API. If you are using the v2 API and would like to use managed identities, please migrate from v2 to v3 Migrate from Media Services v2 to v3 introduction.

Media Services Managed Identity scenarios

There are three scenarios where Managed Identities can be used with Media Services:

In the first two scenarios, the Managed Identity is used to grant the Media Services account access to other services. In the third scenario, the service has a Managed Identity which is used to access Media Services.

For the first scenario, the Managed Identity of the Media Services account must have the Storage Blob Contributor role for the storage account.

Managed Identities Scenario Comparison


These scenarios can be combined. You could create Managed Identities for both the Media Services account (for example, to access customer-managed keys) and the Azure Functions resource to access to Media Services account.

Tutorials and How-tos

Try these tutorials to get some hands-on experience with using a Managed Identity with Media Services.

Further reading

To learn more about what managed identities can do for you and your Azure applications, see Azure AD Managed Identities.

To learn more about Azure Functions, see About Azure Functions

Get help and support

You can contact Media Services with questions or follow our updates by one of the following methods: