Azure resources and services can be accessed using different mechanism. From LIVE accounts and/or AD users to access tokens (Shared Access Signatures (SAS) and Shared Access Policies). Token based authentication and authorization provides delegated access to any service or resource that is exposed by Azure. It helps us a lot when we need to provide access to external systems. We have a granular and fine control to all resources that can be accessed in this way. Each token can be generated on the fly, based on our needs. You don't want to share the 'full admin' rights to all external systems or components. From security perspective, this is a very useful thing. We don't need to create users, manage password, registration form and maintain the user list. It is very tempting to use such a solution inside the system. Each internal component that access a Azure resources will be able to access it only based on a unique token that was generated only for that scop...
DREAMER, CRAFTER, TECHNOLOGY ENTHUSIAST, SPEAKER, TRAINER, AZURE MVP, SOLVING HARD BUSINESS PROBLEMS WITH CUTTING-EDGE TECHNOLOGY