# Azure Blob Storage
Azure Blob Storage (opens new window) helps you create data lakes for your analytics needs and provide you storage to build powerful cloud-native and mobile apps.
Workato's Azure Blob Storage connector enables you to build even more automation around your cloud storage needs. Build data pipelines that automatically pull or push data to Azure Blob Storage from various other apps.
# API version
The Azure Blob Storage connector uses the Blob service REST API (opens new window).
# How to connect to Azure Blob Storage on Workato
Create a Workato connection to Azure Blob Storage by creating an Integration System User (ISU) in your Azure Active Directory.
# How to create an integration User for Workato in Azure Active Directory
It is recommended to use an ISU for integration with Workato. This ensures that permissions are consistent and all operations can be logged on a single account. The following details the steps needed to create an integration user for Workato in your Azure portal.
This ISU should only have access to the storage account you have defined in your connection.
First, create the ISU in your Azure portal by navigating over to Azure Active Directory => Users => New user
Navigate to Azure Active Directory from your Azure portal
Navigate to users in Azure Active Directory
Select New user
Fill up the new user's details.
The ISU's name and email should reflect that it's a dedicated user for Workato and for a specific Storage Account.
Now, we need to provide access to your Azure Blob Storage Account to this ISU you have just created. Navigate over to Storage Accounts => [Storage account] => Access Control => Add Role Assignment
Navigate to Storage Accounts from your Azure portal
Find the storage account you want to grant access to Workato
Navigate to Access Control in this Storage Account
Add role assignment for this Storage Account to the ISU you just created
Assign role assignments to the ISU you just created
To allow full read and write connectivity on Workato, you should provision at least the role "Storage Blob Data Contributor". For only read connectivity, you may provision "Storage Blob Data Reader".
To ensure a smooth set up, make sure the following are enabled -
- Storage Data Contributor role is enabled for write access
- Public network access is enabled, at least for Workato IP
- Container access level is set to public
# Creating the Workato Connection
Back in Workato, you'll be prompted for a few details when connecting.
|Connection name||Provide a unique name that identifies which Azure Blob Storage instance it is connected to.|
|Storage account||The name of your storage account in Azure Blob Storage|
|Connection account type||Choose whether to sign in with a common, organization or tenant-specific connection account type. Common supports personal, enterprise and multi-tenant accounts which are not tenant specific. Organization supports multi-tenant enterprise accounts. Tenant specific option requires tenant ID/domain to be provided. Default is set to common type.|