You can refer to below steps for scenarios in which you have an application special requirement and need to call raw Storage table REST API from your dev environment via Postman. It consists of two main HTTP requests: first, to authenticate directly using AD security principal to get access token, second an authenticated storage REST API call for Table Storage.
To follow the steps in this article you must have:
- Azure subscription
- An Azure AD tenant
- Registered application (AD Service principal)
Steps to reproduce this scenario:
- Acquire oAuth 2.0 token:
- Created security principal for application (Azure portal > AAD > app registrations). Documentation reference: https://docs.microsoft.com/en-us/rest/api/servicebus/get-azure-active-directory-token#register-your-...
- Assigned Storage Table Data Reader role at storage account level to SP created in step #1 (waited for 30 mins)
- Used Postman to get the Azure AD token:
- Launch Postman.
- For the method, select GET.
- For the URI, enter https://login.microsoftonline.com/<TENANT ID>/oauth2/token. Replace <TENANT ID> with the tenant ID value you copied earlier.
- On the Headers tab, add Content-Type key and application/x-www-form-urlencoded for the value.
- Switch to the Body tab and add the following keys and values.
- Select form-data.
- Add grant_type key, and type client_credentials for the value.
- Add client_id key, and paste the value of client ID you noted down earlier.
- Add client_secret key, and paste the value of client secret you noted down earlier.
- Add resource key, and type https://storage.azure.com/ for the value
- Select Send to send the request to get the token. You see the token in the result. Save the token (excluding double quotes). You will use it later
- Called Query Entities storage REST API and passed the oAuth 2.0 token from previous step
- In Postman, open a new tab.
- Select GET for the method.
- Enter URI in the following format: https://<account>.table.core.windows.net /<table>(). Replace <account> with the name of the Storage Account name. Replace <table> with the name of the table.
- On the Headers tab, add the following three headers.
- Add Authorization key and value for it in the following format: Bearer <TOKEN from Azure AD>. When you copy/paste the token, don't copy the enclosing double quotes.
- Select Send to get the entities from table. You see the status as OK with the code 200 as shown in the following image.