Azure Adds User Delegation SAS Support for Tables, Queues and Files in Public Preview
Microsoft has announced a public preview of user delegation shared access signatures (SAS) for Azure Tables and Azure Files, extending identity-based access control to additional Azure Storage services. With the update, organizations can generate SAS tokens that are backed by Microsoft Entra ID rather than long-lived storage account keys, reducing the risk associated with key leakage and simplifying credential management. The feature is designed to help customers apply more granular, time-bound access controls for applications and users accessing table and file data.
The preview reflects a broader shift toward identity-first security models in cloud infrastructure. By enabling user delegation SAS for Azure Tables and Files, Microsoft aligns these services with Azure Blob Storage, which already supports identity-based SAS. Clients retrieve a UD key tied to their Entra ID which is used to create SAS access rights tokens. For developers and platform teams, the change supports least-privilege access patterns and improves auditability without requiring major application redesign. As organizations continue to tighten security controls around data access, identity-backed mechanisms like user delegation SAS are becoming a foundational element of modern cloud storage architectures.
Posted by Redmondmag.com Editors on 01/16/2026