A shared access signature (SAS) is an URI that grants restricted access rights to the Azure Storage resources. You can provide a shared access signature to clients who should not be trusted with your storage account key, but whom you wish to delegate access to certain storage account resources. By distributing a shared access signature URI to these clients, you grant them access to a resource for a specified period of time (from the Microsoft page).

To create a shared access signature, follow the steps listed below.

1. Go to

2. Search for storage accounts.

3. Select or create a storage account.

4. Click Shared access signature to access the page.

On the following page, you may chose to use all default values, however, it is possible to define specific values.

  • Define for which services the key may be used (by default, all services are selected, but only the Blob service is required).
  • Define which resource types are allowed (by default, all resource types are selected).
  • Define which permission the key has (by default, all permission options are selected).
  • Define the start and expiry dates.
  • Define allowed protocols (by default, the HTTPS only option is selected).
  • Select a signing key value which is key1.
  • Click the Generate SAS and connection string button.

Once you are done, copy the SAS token value which has been generated and paste it to the Azure SAS Token field which is available on the Azure Configuration FastTab of the Lasernet Setup page in Microsoft Dynamics 365 Business Central.