Connecting to Azure Data Lake Storage
Connecting to Azure Data Lake Storage
You can authenticate to Azure Data Lake Storage as an Azure AD user, with MSI authentication, or using an Azure Service Principal.
Azure AD
You can authenticate an Azure AD account using either an Azure Access Key or OAuth authentication.
Method 1: Storage Account and Access Key
Set the following to authenticate with an Azure Access Key:
- AuthScheme: Set this to AzureAD.
- AzureStorageAccount: Set this to the account associated with the Azure Data Lake store.
- AzureAccessKey: Set this to the access key associated with the Azure Data Lake store.
Method 2: OAuth
Set the following to authenticate with OAuth:
- AuthScheme: Set this to AzureAD.
- AzureStorageAccount: Set this to the account associated with the Azure Data Lake store.
- InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
Azure MSI
If you are connecting from an Azure VM with permissions to connect to Azure Data Lake Storage, set the following:
- AuthScheme: Set this to AzureMSI.
- AzureStorageAccount: Set this to the account associated with the Azure Data Lake store.
Azure Service Principal
If you would like to authenticate with a service principal instead of a client secret, it is also possible to authenticate with a client certificate.
- AuthScheme: Set this to AzureServicePrincipal.
- InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
- AzureTenant: Set this to the tenant you wish to connect to.
- OAuthGrantType: Set this to CLIENT.
- OAuthClientId: Set this to the Client Id in your app settings.
- OAuthJWTCert: Set this to the JWT Certificate store.
- OAuthJWTCertType: Set this to the type of the certificate store specified by OAuthJWTCert.