Authentication with Azure Data Lake Storage Gen1 using Microsoft Entra ID
Azure Data Lake Storage Gen1 uses Microsoft Entra ID for authentication. Before authoring an application that works with Data Lake Storage Gen1, you must decide how to authenticate your application with Microsoft Entra ID.
Authentication options
End-user authentication - An end user's Azure credentials are used to authenticate with Data Lake Storage Gen1. The application you create to work with Data Lake Storage Gen1 prompts for these user credentials. As a result, this authentication mechanism is interactive and the application runs in the logged in user's context. For more information and instructions, see End-user authentication for Data Lake Storage Gen1.
Service-to-service authentication - Use this option if you want an application to authenticate itself with Data Lake Storage Gen1. In such cases, you create a Microsoft Entra application and use the key from the Microsoft Entra application to authenticate with Data Lake Storage Gen1. As a result, this authentication mechanism is non-interactive. For more information and instructions, see Service-to-service authentication for Data Lake Storage Gen1.
The following table illustrates how end-user and service-to-service authentication mechanisms are supported for Data Lake Storage Gen1. Here's how you read the table.
- The ✔* symbol denotes that authentication option is supported and links to an article that demonstrates how to use the authentication option.
- The ✔ symbol denotes that the authentication option is supported.
- The empty cells denote that the authentication option is not supported.
Use this authentication option with... | .NET | Java | PowerShell | Azure CLI | Python | REST |
---|---|---|---|---|---|---|
End-user (without MFA**) | ✔ | ✔ | ✔ | ✔ | ✔*(deprecated) | ✔* |
End-user (with MFA) | ✔* | ✔* | ✔ | ✔* | ✔* | ✔ |
Service-to-service (using client key) | ✔* | ✔* | ✔ | ✔ | ✔* | ✔* |
Service-to-service (using client certificate) | ✔* | ✔ | ✔ | ✔ | ✔ | ✔ |
* Click the ✔* symbol. It's a link.
** MFA stands for multi-factor authentication
See Authentication Scenarios for Microsoft Entra ID for more information on how to use Microsoft Entra ID for authentication.