Azure Data Lake Storage authentication method
- Last Updated: May 28, 2026
- 1 minute read
- Automate MFT
- Documentation
- To add the reusable authentication method, click the .
- Provide a unique name for the authentication method.
- Optionally, enter a description to help identify the purpose or scope of this method.
- Select the Authentication
Type:
- Azure Secret Key: Use a storage account access key
for authentication. Enter the following information:
- Secret Key: Enter the
Azure Data Lake storage account's access key.
Using an access key grants full access to all containers in the storage account.
- Secret Key: Enter the
Azure Data Lake storage account's access key.
- OAuth 2.0: Use Azure Active Directory (Azure AD)
for authentication. Enter the following information:
- Client ID: Enter the client ID issued by the OAuth provider.
- Client Secret: Enter the client secret.
- Tenant Id: Enter the Azure AD tenant ID associated with the storage account.
- Azure Secret Key: Use a storage account access key
for authentication. Enter the following information:
- Save the new authentication method.
Azure configuration requirements (OAuth 2.0)
To use OAuth 2.0 authentication, complete the following setup in the Azure portal:
- Create an App Registration
- Register an application in Azure AD.
- Create a client secret (do not use a certificate).
- Record the Client ID, Tenant ID, and Client Secret value.
- Assign permissions to the storage account
- Open the storage account and navigate to the target Data Lake container.
- In Access control (IAM), add a Role Assignment.
- Assign the App Registration to one of the following roles:
- Storage Blob Data Reader
- Storage Blob Data Contributor
- Storage Blob Data Owner