'Correct way to securely store Azure blob storage access key in C# app
I am building a c# app (WPF) which uploads log files to an azure blob storage. I store the StorageConnectionString inside the App.config file like this:
<appSettings>
<add key="StorageConnectionString" value="DefaultEndpointsProtocol=https;AccountName=<my account name>;AccountKey=<my account key>;EndpointSuffix=core.windows.net" />
</appSettings>
In my code I retrieve the StorageConnectionString like this:
string connectionString = ConfigurationManager.AppSettings.Get("StorageConnectionString");
Everything works fine so far, but I am worried about the clearly visible StorageConnectionString inside the App.config file.
How can I secure my app that its not possible with reverse engineering to get the StorageConnectionString?
Solution 1:[1]
To securely store your Storage Account access key in C# application, you can use either of the below options:
- Store the Storage Account Key as an environment variable
- Use Azure AD Authentication for your blob storage instead of access key
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | RamaraoAdapa-MT |