1

I'm building reports for a clients in Blob Storage in the background (the clients are not waiting for it). Once a report is ready the client can see it in our UI and he can choose to download it. When we load the screen with all the reports with the option to download them we generate a read only SAS token for each report for 15 minutes and if the user downloads a report it immediately streams it to the UI and the user gets to download it via his browser.

For security reasons we want to limit this SAS token to be used only one time, meaning that once a stream/download has begun the SAS token will be invalid, is it something that can be done? if not, are there any other ways to protect us and our clients?

Thanks

Tal Nanus
  • 11
  • 1

1 Answers1

0

There's no API to revoke/invalidate a Blob SAS token. But you could change access so that your UI requests a file from a web service that you create, and your web service authorizes the request, reads the blob, and sends it to your UI.

Rob Reagan
  • 7,313
  • 3
  • 20
  • 49