Sample code for 30+ languages & platforms
Classic ASP

How to Generate an Azure Storage Account Shared Access Signature (SAS)

See more Azure Cloud Storage Examples

Shows how to generate a Shared Access Signature (SAS) for an Azure Storage Account.

Note: This example requires Chilkat v9.5.0.65 or greater.

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
' Note: Requires Chilkat v9.5.0.65 or greater.

' This requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' --------------------------------------------------------------------------
' Create a Shared Access Signature (SAS) token for an Azure Storage Account.
' --------------------------------------------------------------------------

' See https://docs.microsoft.com/en-us/rest/api/storageservices/fileservices/constructing-an-account-sas 
' for details regarding the Azure Storage Account SAS fields.

set authSas = Server.CreateObject("Chilkat.AuthAzureSAS")
authSas.AccessKey = "AZURE_ACCESS_KEY"

' Specify the format of the string to sign.
' Each comma character in the following string represents a LF ("\n") character.
' The names specified in the StringToSign are replaced with the values specified
' in the subsequent calls to SetTokenParam and SetNonTokenParam,.

' Note: The trailing comma in the StringToSign is intentional and important. This indicates that the 
' string to sign will end with a "\n".

' Also note: The names in the StringToSign are case sensitive.  The names
' specified in the 1st argument in the calls to SetNonTokenParam and SetTokenParam should
' match a name listed in StringToSign. 
authSas.StringToSign = "accountname,signedpermissions,signedservice,signedresourcetype,signedstart,signedexpiry,signedIP,signedProtocol,signedversion,"

'  The account name is "chilkat".  Use your own account name instead of "chilkat".
'  Also use your own container name instead of "mycontainer".
success = authSas.SetNonTokenParam("accountname","chilkat")

success = authSas.SetTokenParam("signedpermissions","sp","rwdlacup")
success = authSas.SetTokenParam("signedservice","ss","bfqt")
success = authSas.SetTokenParam("signedresourcetype","srt","sco")

set dt = Server.CreateObject("Chilkat.CkDateTime")
success = dt.SetFromCurrentSystemTime()
success = authSas.SetTokenParam("signedstart","st",dt.GetAsIso8601("YYYY-MM-DDThh:mmTZD",0))

' This SAS token will be valid for 30 days.
success = dt.AddDays(30)
success = authSas.SetTokenParam("signedexpiry","se",dt.GetAsIso8601("YYYY-MM-DDThh:mmTZD",0))

success = authSas.SetTokenParam("signedProtocol","spr","https")

'  Specifiy values and query param names for each field.
'  If a field is not specified, then an empty string will be used for its value.
success = authSas.SetTokenParam("signedversion","sv","2015-04-05")

' Note that we did not call SetTokenParam for "signedIP".  For any omitted fields
' the value will default to the empty string.

' Generate the SAS token.
sasToken = authSas.GenerateToken()
If (authSas.LastMethodSuccess <> 1) Then
    Response.Write "<pre>" & Server.HTMLEncode( authSas.LastErrorText) & "</pre>"
    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( "SAS token: " & sasToken) & "</pre>"

' Save the SAS token to a file.
' We can then use this pre-generated token for future Azure Storage Account operations.
set fac = Server.CreateObject("Chilkat.FileAccess")
success = fac.WriteEntireTextFile("qa_data/tokens/azureStorageAccountSas.txt",sasToken,"utf-8",0)

%>
</body>
</html>