- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2025 12:58 AM
Hi Community,
In our Azure tenant we are sticking to Microsoft recommendations and have moved away from Storage Key authentication to storage accounts and have disabled them by policy.
As per official Microsoft recommendation :
For optimal security, Microsoft recommends using Microsoft Entra ID with managed identities to authorize requests against blob, queue, and table data, whenever possible. Authorization with Microsoft Entra ID and managed identities provides superior security and ease of use over Shared Key authorization
Is anyone facing a similar case ? Is there any plan from ServiceNow to consider Entra ID authentication in the Storage Account pattern ?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2025 02:44 AM
Hi @AdamSL ,
As per the latest information ServiceNow's out-of-the-box Azure Storage integrations (such as Discovery patterns and certain IntegrationHub spokes) have primarily relied on shared key authentication. This design decision aligns with earlier Microsoft and industry standards, but recent shifts now prioritize Entra ID.
Till date, ServiceNow has not publicly committed to supporting Entra ID/managed identity authentication for Azure Storage accounts within Discovery patterns or IntegrationHub spokes.
Official ServiceNow documentation details ServiceNow–Microsoft Entra integration for SSO, user provisioning, and various application integrations, but does not (yet) cover using Entra ID authentication specifically for Azure Storage account access (e.g., for files, discovery, backup, automation).
You can think of:
Short-Term Workarounds: Custom scripting using external middleware/lambda can bridge Azure AD tokens to ServiceNow, but is not recommended for most environments due to maintenance and support issues.
Submit/Raise an Idea: If your organization must have this, add or upvote the request on ServiceNow’s Idea Portal or Customer Voice channels to add weight to the business case.
For more detailed information please go throw the below references.
Set up Mircosoft Entra ID Spok , Integrating with Microsoft Entra ID , Microsoft Entra ID Spoke , Configure the connection to the Microsoft Entra ID Credential Store
Thanks,
Bhimashankar H
-------------------------------------------------------------------------------------------------
If my response points you in the right directions, please consider marking it as 'Helpful' & 'Correct'.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2025 02:44 AM
Hi @AdamSL ,
As per the latest information ServiceNow's out-of-the-box Azure Storage integrations (such as Discovery patterns and certain IntegrationHub spokes) have primarily relied on shared key authentication. This design decision aligns with earlier Microsoft and industry standards, but recent shifts now prioritize Entra ID.
Till date, ServiceNow has not publicly committed to supporting Entra ID/managed identity authentication for Azure Storage accounts within Discovery patterns or IntegrationHub spokes.
Official ServiceNow documentation details ServiceNow–Microsoft Entra integration for SSO, user provisioning, and various application integrations, but does not (yet) cover using Entra ID authentication specifically for Azure Storage account access (e.g., for files, discovery, backup, automation).
You can think of:
Short-Term Workarounds: Custom scripting using external middleware/lambda can bridge Azure AD tokens to ServiceNow, but is not recommended for most environments due to maintenance and support issues.
Submit/Raise an Idea: If your organization must have this, add or upvote the request on ServiceNow’s Idea Portal or Customer Voice channels to add weight to the business case.
For more detailed information please go throw the below references.
Set up Mircosoft Entra ID Spok , Integrating with Microsoft Entra ID , Microsoft Entra ID Spoke , Configure the connection to the Microsoft Entra ID Credential Store
Thanks,
Bhimashankar H
-------------------------------------------------------------------------------------------------
If my response points you in the right directions, please consider marking it as 'Helpful' & 'Correct'.
