Documentation Experience Platform Source Connectors Guide

Azure Blob Storage source

Last update: Thu Aug 21 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

Topics:
Sources

CREATED FOR:

Developer

Azure Blob Storage is a cloud-based object storage service provided by Microsoft Azure. It’s designed to store large amounts of unstructured data, such as text, images, videos, backups, and logs. You can use Azure Blob Storage to store and manage large amounts of unstructured data such as documents, images, videos, and audio files. It’s ideal for backing up and archiving data, supporting disaster recovery, and handling big data workloads for analytics.

Use the Azure Blob Storage source to connect your account and ingest data from Azure Blob Storage to Adobe Experience Platform.

Prerequisites prerequisites

Read the following sections to complete the prerequisite setup before you connect your Azure Blob Storage account to Experience Platform.

IP address allowlist

You must add region-specific IP addresses to your allowlist prior to connecting your sources to Experience Platform. Read the guide on allowlisting IP addresses to connect to Experience Platform for more information.

IMPORTANT

The Azure Blob source does not support same-region connectivity to Experience Platform. If your Azure instance is using the same network region as Experience Platform, then a connection to Experience Platform sources cannot be established. Currently, only cross-region connectivity is supported.

Naming constraints for files and directories

The following is a list of constraints you must account for when naming your cloud storage file or directory.

Directory and file component names cannot exceed 255 characters.
Directory and file names cannot end with a forward slash (/). If provided, it will be automatically removed.
The following reserved URL characters must be properly escaped: ! ' ( ) ; @ & = + $ , % # [ ]
The following characters are not allowed: " \ / : | < > * ?.
Illegal URL path characters not allowed. Code points like \uE000, while valid in NTFS filenames, are not valid Unicode characters. In addition, some ASCII or Unicode characters, like control characters (0x00 to 0x1F, \u0081, etc.), are also not allowed. For rules governing Unicode strings in HTTP/1.1 see RFC 2616, Section 2.2: Basic Rules and RFC 3987.
The following file names are not allowed: LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, LPT9, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, PRN, AUX, NUL, CON, CLOCK$, dot character (.), and two dot characters (…).

Authenticate Azure Blob Storage to Experience Platform authentication

You can connect your Azure Blob Storage account to Experience Platform using the following authentication types:

Account key authentication: Uses the storage account’s access key to authenticate and connect to your Azure Blob Storage account.
Shared access signature (SAS): Uses a SAS URI to provide delegated, time-limited access to resources in your Azure Blob Storage account.
Service principal based authentication: Uses an Azure Active Directory (AAD) service principal (client ID and secret) to securely authenticate to your Azure Blob Storage account.

Account key authentication

Provide values for the following credentials to connect your Azure Blob Storage account to Experience Platform using account key authentication.

table 0-row-2 1-row-2 2-row-2 3-row-2 4-row-2
Credential	Description
`connectionString`	The Azure Blob Storage connection string for your storage account. This string contains the information required to authenticate and connect to your Azure Blob Storage instance. Example format: `DefaultEndpointsProtocol=https;AccountName={ACCOUNT_NAME};AccountKey={ACCOUNT_KEY};EndpointSuffix=core.windows.net`
`container`	The name of the Azure Blob Storage container where your data files are stored. A container organizes a set of blobs, similar to a directory in a file system.
`folderPath`	The path within the specified container where your files are located. This is an optional subdirectory path (virtual folder) inside the container. If left blank, the root of the container is used.
`connectionSpec.id`	The connection spec ID returns a source’s connector properties, including authentication specs related to creating the base and source connections. The connection spec ID for Azure Blob Storage is `4c10e202-c428-4796-9208-5f1f5732b1cf`. Note: This credential is only required when connecting through the Flow Service API.

To learn more about how to use account key authentication with Azure Blob Storage, read the official Microsoft Azure authentication guide.

Shared access signature

Provide values for the following credentials to connect your Azure Blob Storage account to Experience Platform using shared access signature.

table 0-row-2 1-row-2 2-row-2 3-row-2 4-row-2
Credential	Description
`SasURI`	The shared access signature URI that you can use as an alternative authentication type to connect your account. The SAS URI pattern is: `https://{ACCOUNT_NAME}.blob.core.windows.net/?sv={STORAGE_VERSION}&st={START_TIME}&se={EXPIRE_TIME}&sr={RESOURCE}&sp={PERMISSIONS}>&sip=<{IP_RANGE}>&spr={PROTOCOL}&sig={SIGNATURE}`. For more information, see this Azure document on shared access signature URIs.
`container`	The name of the Azure Blob Storage container where your data files are stored. A container organizes a set of blobs, similar to a directory in a file system.
`folderPath`	The path within the specified container where your files are located. This is an optional subdirectory path (virtual folder) inside the container. If left blank, the root of the container is used.
`connectionSpec.id`	The connection spec ID returns a source’s connector properties, including authentication specs related to creating the base and source connections. The connection spec ID for Azure Blob Storage is `4c10e202-c428-4796-9208-5f1f5732b1cf`. Note: This credential is only required when connecting through the Flow Service API.

To learn more about how to use shared access signature with Azure Blob Storage, read the official Microsoft Azure authentication guide.

Service principal based authentication

Provide values for the following credentials to connect your Azure Blob Storage account to Experience Platform using service principal based authentication.

table 0-row-2 1-row-2 2-row-2 3-row-2 4-row-2 5-row-2 6-row-2 7-row-2 8-row-2
Credential	Description
`serviceEndpoint`	The endpoint URL of your Azure Blob Storage account. Typically in the format: `https://{ACCOUNT_NAME}.blob.core.windows.net`.
`accountKind`	The type of your Azure Blob Storage account. Common values include `Storage` (general purpose V1), `StorageV2` (general purpose V2), `BlobStorage`, and `BlockBlobStorage`.
`servicePrincipalId`	The client/application ID of the Azure Active Directory (AAD) service principal used for authentication.
`servicePrincipalKey`	The client secret or password associated with the Azure service principal.
`tenant`	The Azure Active Directory (AAD) tenant ID where the service principal is registered.
`container`	The name of the Azure Blob Storage container where your data files are stored.
`folderPath`	The path within the specified container where your files are located. This is an optional subdirectory path (virtual folder) inside the container. If left blank, the root of the container is used.
`connectionSpec.id`	The connection spec ID returns a source’s connector properties, including authentication specs related to creating the base and source connections. The connection spec ID for Azure Blob Storage is `4c10e202-c428-4796-9208-5f1f5732b1cf`. Note: This credential is only required when connecting through the Flow Service API.

To learn more about how to use service principal based authentication with Azure Blob Storage, read the official Microsoft Azure authentication guide.

Connect Azure Blob Storage to Experience Platform

The documentation below provides information on how to connect Azure Blob to Adobe Experience Platform using APIs or the user interface:

Using APIs

Using the UI

recommendation-more-help

337b99bb-92fb-42ae-b6b7-c7042161d089