Service-to-service authentication with Azure Data Lake Storage Gen1 using REST API
In this article, you learn how to use the REST API to do service-to-service authentication with Azure Data Lake Storage Gen1. For end-user authentication with Data Lake Storage Gen1 using REST API, see End-user authentication with Data Lake Storage Gen1 using REST API.
An Azure subscription. See Get Azure free trial.
Create a Microsoft Entra ID "Web" Application. You must have completed the steps in Service-to-service authentication with Data Lake Storage Gen1 using Microsoft Entra ID.
In this scenario, the application provides its own credentials to perform the operations. For this, you must issue a POST request like the one shown in the following snippet:
curl -X POST https://login.microsoftonline.com/<TENANT-ID>/oauth2/token \
-F grant_type=client_credentials \
-F resource=https://management.core.windows.net/ \
-F client_id=<CLIENT-ID> \
-F client_secret=<AUTH-KEY>
The output of the request includes an authorization token (denoted by access-token
in the output below) that you subsequently pass with your REST API calls. Save the authentication token in a text file; you will need it when making REST calls to Data Lake Storage Gen1.
{"token_type":"Bearer","expires_in":"3599","expires_on":"1458245447","not_before":"1458241547","resource":"https://management.core.windows.net/","access_token":"<REDACTED>"}
This article uses the non-interactive approach. For more information on non-interactive (service-to-service calls), see Service to service calls using credentials.
In this article, you learned how to use service-to-service authentication to authenticate with Data Lake Storage Gen1 using REST API. You can now look at the following articles that talk about how to use the REST API to work with Data Lake Storage Gen1.