I was told that I can serve static content (.pdf and .docx documents) from Azure. First I have tried to get list of my PDFs from this "Blob SAS URL" link:
GET https://testtestsitweu.blob.core.windows.net/publicfiles?sp=rl&st=2024-02-15T14:18:59Z&se=2025-02-15T22:18:59Z&spr=https&sv=2022-11-02&sr=c&sig=TxAaaaaaaaaaaaaaaaaaaaaagU%3D
But it gives me the following error even though it has "list" and "read" rights:
<?xml version="1.0" encoding="utf-8"?>
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:b5d14821-701e-0083-2939-6363a8000000
Time:2024-02-19T13:42:06.9875994Z</Message>
<AuthenticationErrorDetail>Signature did not match. String to sign used was rl
2024-02-15T14:18:59Z
2025-02-15T22:18:59Z
/blob/testtest/$root
https
2022-11-02
c
</AuthenticationErrorDetail>
</Error>
What I am doing wrong here? Why it asks for authorization header? What is that? Why I would need an authorization header if I want to serve static content in the public web? I am using the wrong tool?
What I am doing wrong here?
Please see my answer here regarding this: https://stackoverflow.com/a/25038738/188096. In short, you need to put the name of the blob after the container name that you want to serve.
Why it asks for authorization header?
Request to Azure Storage must be authorized. You pass the authorization information either in Authorization header when you make direct REST API call. For SAS URL (like the one you are using), authorization header is kind of included in the URL itself (sig portion of the URL).
Why I would need an authorization header if I want to serve static content in the public web?
I am assuming that the blob container holding the static content has Private ACL. This is why you would need authorization header. One thing you could do is change the ACL of the blob container to Blob or Public and then no authorization will be required (even SAS URL). Your blobs will be directly accessible by the URL like https://account.blob.core.windows.net/container/myfile.pdf.