Connections to storage account endpoint were blocked due to insufficient permission in the oAuth token presented

salman 20 Reputation points
2024-12-19T15:11:56.56+00:00

Hi,

Connections to storage account endpoint were blocked due to insufficient permission in the oAuth token presented

Some requests to the storage account fidroxamsdocument were blocked as the permissions presented in oAuth bearer token were not sufficient for the operation performed between 12/13/2024 11:34:41 AM (UTC) and 12/13/2024 11:41:51 AM (UTC). Error Detail    OAuthAuthorizationErrorDetail:[RBAC] Access denied - no role assignment that permits Data Action Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action, reason DeniedWithNoValidRBAC.

Can you please give me a solution ASAP.

Thanks


1 answer

  1. Hari Babu Vattepally 1,195 Reputation points Microsoft Vendor
    2024-12-19T15:59:35.3766667+00:00

    Hi @salman

    Welcome to Microsoft Q&A Forum. Thanks for posting your query here!

    As per the error message it seems that you are facing an issue related to insufficient permissions in the OAuth token presented when trying to connect to a storage account endpoint. The error message indicates that some requests to the storage account were blocked because the permissions presented in the OAuth bearer token were not sufficient for the operation performed.

    Specifically, it mentions that there is no role assignment that permits the Data Action Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action.

    To resolve this issue, you should make sure that the user or service principal associated with the OAuth token has the appropriate role assigned that includes permissions for the required action. Ensure that the user or service principal has Storage Blob Data Contributor or another role, such as Storage Blob Data Owner or Storage Blob Data Reader, that grants the required permissions.


    Check for the proper role assignments: navigate to the storage account through the Portal, select Access Control (IAM) in the left-hand menu, and then check the Role assignments tab to see if the user or service principal has the necessary permissions.

    If the user or service principal does not have the required permissions, you will need to assign a role that includes the necessary data actions.

    Once the roles have been assigned, verify that the role assignment appears in the list and that it is correctly configured.

    For more information, please refer to the Azure built-in roles.

    I hope this helps in resolving this issue. Please let us know if there are any further questions or if the issue still persists. We will be glad to assist you closely.


    Please do consider "Accept the answer" and "up-vote" wherever the information provided helps you; this can be beneficial to other community members.
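The check described in the answer, as an added example that is not part of the original thread: it parses the denied data action out of the error detail quoted in the question and evaluates it against the `dataActions` of the three built-in roles the answer names. The role definitions are an assumption, copied by hand from the Azure built-in roles documentation, and the function names are hypothetical.

```python
import re
from fnmatch import fnmatchcase

# Error detail exactly as quoted in the question.
ERROR_DETAIL = (
    "OAuthAuthorizationErrorDetail:[RBAC] Access denied - no role assignment "
    "that permits Data Action Microsoft.Storage/storageAccounts/blobServices/"
    "containers/blobs/add/action, reason DeniedWithNoValidRBAC."
)

BLOBS = "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/"

# Assumption: dataActions copied by hand from the Azure built-in roles
# documentation; confirm against your tenant, for example with
# `az role definition list --name "Storage Blob Data Contributor"`.
ROLE_DEFINITIONS = {
    "Storage Blob Data Reader": {
        "dataActions": [BLOBS + "read"], "notDataActions": []},
    "Storage Blob Data Contributor": {
        "dataActions": [BLOBS + s for s in
                        ("delete", "read", "write", "move/action", "add/action")],
        "notDataActions": []},
    "Storage Blob Data Owner": {
        "dataActions": [BLOBS + "*"], "notDataActions": []},
}


def denied_data_action(detail):
    """Return (data_action, reason) parsed from an RBAC denial detail string."""
    m = re.search(r"permits Data Action (\S+?), reason (\w+)", detail)
    if m is None:
        raise ValueError("not an RBAC data-action denial")
    return m.group(1), m.group(2)


def _matches(patterns, action):
    # Compared case-insensitively here; '*' in a role definition is a wildcard.
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)


def role_permits(role, action):
    """Permitted if dataActions matches and notDataActions does not exclude it."""
    return _matches(role["dataActions"], action) and not _matches(
        role["notDataActions"], action)


def roles_permitting(action, definitions=ROLE_DEFINITIONS):
    """Names of the roles whose definition covers the given data action."""
    return sorted(n for n, r in definitions.items() if role_permits(r, action))


if __name__ == "__main__":
    action, reason = denied_data_action(ERROR_DETAIL)
    print(reason, action, "->", roles_permitting(action))
```

The role must also be assigned to the identity that requested the token, at a scope that covers the target container.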

