[QUERY] Server failed to authenticate the request using Managed Identity while creating Directory #49773

Open
@rahulsingii

Library name and version

Azure.Storage.Files.Shares 12.22.0

Query/Question

Hi,

I have an app running in Azure which accesses the file share and performs tasks like file download, directory creation, deletion, etc. The file share is hosted in Azure too. I am currently using the connection string with keys.

Now, I am trying to replace it with Managed Identity. The identity is attached to my app and has the following roles assigned in the Storage Account:

  • Storage File Data Privileged Contributor
  • Storage File Data SMB Share Contributor

Here is my code:

var credential = new DefaultAzureCredential(
    new DefaultAzureCredentialOptions { ManagedIdentityClientId = "client_id" });
string endpoint = $"https://{account_name}.file.core.windows.net/{shareName}";
ShareClient shareClient = new ShareClient(
    new Uri(endpoint),
    credential,
    new ShareClientOptions { ShareTokenIntent = ShareTokenIntent.Backup });
ShareDirectoryClient directory = shareClient.GetDirectoryClient(directoryPath);
ShareFileClient file = directory.GetFileClient(templateFileName);
ShareFileDownloadInfo download = await file.DownloadAsync();

rootDirectory = rootDirectory.GetSubdirectoryClient(subFolderName);
await rootDirectory.CreateIfNotExistsAsync(); // It fails here

It's able to download the file and do other stuff, but when it tries to create the directory it's throwing an exception:

Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:887d6058- Time:2025-05-01T16:17:32.5388585Z Status: 403 (Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.) ErrorCode: AuthenticationFailed Additional Information: AuthenticationErrorDetail: The MAC signature found in the HTTP request 'DML/ihEax5N/hwV1H3brtc+WOuNurs3FQ=' is not the same as any computed signature. Server used following string to sign: 'PUT x-ms-client-request-id:f2f5c5f9-8b40-467e-8c01- x-ms-date:Thu, 01 May 2025 16:17:32 GMT x-ms-return-client-request-id:true x-ms-version:2025-05-05 restype:directory'.

Environment

No response
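
The AuthenticationErrorDetail quoted above mentions a MAC signature and a string-to-sign, which is how the service reports a Shared Key failure rather than a rejected bearer token. As an added example (not code from the issue or from the Azure SDK; the class name, account name and share name are placeholders), this pipeline policy logs only the Authorization scheme of each outgoing request, so you can see which client is still signing with an account key:

```csharp
using System;
using Azure.Core;
using Azure.Core.Pipeline;
using Azure.Identity;
using Azure.Storage.Files.Shares;
using Azure.Storage.Files.Shares.Models;

// Hypothetical diagnostic policy: records the scheme of the Authorization
// header and nothing else, so no token or signature reaches the log.
public sealed class AuthSchemeLoggingPolicy : HttpPipelineSynchronousPolicy
{
    public override void OnSendingRequest(HttpMessage message)
    {
        string scheme = "<none>";
        if (message.Request.Headers.TryGetValue("Authorization", out string value)
            && !string.IsNullOrEmpty(value))
        {
            // "Bearer ..."    => Entra ID token (managed identity)
            // "SharedKey ..." => account key, e.g. from a connection string
            scheme = value.Split(new[] { ' ' }, 2)[0];
        }

        // Log the path only: a query string could carry a SAS signature.
        Console.WriteLine(
            $"{message.Request.Method} {message.Request.Uri.Path} auth={scheme}");
    }
}

public static class Demo
{
    public static ShareClient BuildInstrumentedClient()
    {
        var options = new ShareClientOptions
        {
            ShareTokenIntent = ShareTokenIntent.Backup
        };
        // BeforeTransport runs after the SDK's own authentication policy,
        // so the header observed is the one actually sent on the wire.
        options.AddPolicy(new AuthSchemeLoggingPolicy(),
                          HttpPipelinePosition.BeforeTransport);

        // Placeholder endpoint; substitute the real account and share.
        var endpoint = new Uri(
            "https://example-account.file.core.windows.net/example-share");
        return new ShareClient(endpoint, new DefaultAzureCredential(), options);
    }
}
```

Attach the policy to every ShareClientOptions the app constructs. The snippet in the issue does not show where rootDirectory is created, so that client is the first one to check.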

Labels

  • Client: This issue points to a problem in the data-plane of the library.
  • Service Attention: Workflow: This issue is responsible by Azure service team.
  • Storage: Storage Service (Queues, Blobs, Files)
  • customer-reported: Issues that are reported by GitHub users external to the Azure organization.
  • needs-team-attention: Workflow: This issue needs attention from Azure service team or SDK team
  • question: The issue doesn't require a change to the product in order to be resolved. Most issues start as that
