Skip to content

Guide to Azure Blob REST API: Upload, Download, Manage, Secure

storage account size

What is Azure Blob Storage REST API?

Introduction to Azure Blob Storage

Azure Blob Storage is a cloud-based storage solution provided by Microsoft as part of its Azure platform. It enables users to store and manage unstructured data such as text, images, videos, and binary data in the cloud. This makes it a highly scalable and cost-effective way to store large amounts of data without having to worry about hardware maintenance or infrastructure management.

Azure Blob Storage is highly available and durable, with multiple copies of data stored across different locations within a region or even across regions for disaster recovery purposes. It also supports various access tiers, including hot, cool, and archive tiers with different pricing models depending on the frequency of access.

Overview of REST API

REST (Representational State Transfer) API is an architectural style for building web services that are lightweight, flexible, and scalable. It uses HTTP methods such as GET, POST, PUT, DELETE to interact with resources identified by URIs (Uniform Resource Identifiers).

Azure Blob Storage REST API follows the REST architectural style for accessing blobs stored in Azure storage accounts. This means that you can use HTTP methods like PUT to upload data into the blob container or GET to download data from it.

REST APIs have several benefits over traditional APIs. Firstly they offer better scalability since they are stateless and have a simple request/response model.

Secondly they enable developers to build powerful applications using lightweight clients like mobile devices or web browsers. RESTful APIs are also language-agnostic which means that you can use any programming language that supports HTTP requests/response protocols to interact with them.

Benefits of Using Azure Blob Storage REST API

The benefits offered by Azure Blob Storage REST API include:

  • Scalability: The RESTful architecture ensures your application can scale horizontally without needing additional hardware.
  • Flexibility: RESTful APIs are flexible and easy to use which makes it easy to integrate Azure blob storage with other applications.
  • Cost-effective: With Azure Blob Storage, you only pay for what you use, and the pricing tiers allow for cost optimization based on usage patterns.
  • High Availability: Azure Blob Storage provides multiple copies of data stored across different locations within a region or even across regions for disaster recovery purposes.
  • Security: The RESTful API provides several security features such as SSL encryption and SAS (Shared Access Signature) tokens to ensure secure access to resources.

Overall, Azure Blob Storage REST API is a powerful tool that enables developers to store, manage and retrieve large amounts of unstructured data in the cloud. Its ease of use, scalability, and flexibility make it an ideal solution for organizations looking to modernize their data storage infrastructure.

Getting Started with Azure Blob Storage REST API

Creating an Azure Storage Account

If you’re new to Azure, the first step in using the Blob Storage REST API is to create a storage account. This can be done through the Azure portal, or programmatically using an Azure SDK. When creating a storage account, you’ll need to choose a unique name and specify the account type (standard or premium).

You’ll also need to choose the replication type, which determines how your data is stored and replicated across multiple locations for redundancy. Once you’ve created your storage account, you can start using it to store data in blob containers.

Obtaining Access Keys for the Storage Account

To access your storage account from code, you’ll need to obtain two access keys – a primary key and a secondary key. These keys are used for authentication when making requests to the Blob Storage REST API.

To obtain these keys, navigate to your storage account in the Azure portal and click on “Access Keys” under “Settings”. From here, you can copy either key and use it in your code.

Understanding the Structure of a Blob Storage URL

In order to interact with blobs in your storage account via REST API calls, you’ll need to understand how URLs are structured. A typical blob URL has four components:

1) The base URL of your storage account (e.g.,

2) The container name

3) The blob name (optional)

4) Query parameters (optional)

For example: The query parameters are used to specify the shared access signature (SAS) for the blob, which determines the permissions and expiration time for accessing the blob.

Using Azure SDKs

While it’s possible to interact with Blob Storage REST API directly using HTTP calls and JSON payloads, it might be easier to use one of the various Azure SDKs available in multiple programming languages. These SDKs abstract away many of the details of making REST API requests and handling authentication. The Python SDK for Azure is called “azure-storage-blob” and can be installed via pip.

Testing Your Connection

After creating your storage account, obtaining access keys, understanding URL structure, and possibly configuring an SDK, you can test your connection by uploading a file to a container or downloading a blob. It’s important to note that every action against Blob Storage REST API incurs charges – these charges may vary based on storage account type, region etc. So make sure you know what features cost before using them in production!

Uploading and Downloading Data with Azure Blob Storage REST API

Using HTTP PUT method to upload data to a blob container

Uploading data to an Azure Blob Storage container is simple using the REST API. To upload data, authenticate with your storage account using either your account key or a stored access policy.

Once authenticated, you can create a new blob in the container and upload the data using a HTTP PUT request. You must include the content type and content length headers in your request.

To create a new blob, append the blob name to the container URL. The resulting URL is called the destination URL.

Then, issue an HTTP PUT request that includes the content of your blob in the message body of your request. “`http PUT Content-Type: text/plain Content-Length: 11 Hello World “`

This example uploads “Hello World” as plain text to a file named “myblob” in “mycontainer”. If successful, this command returns status code 201 (Created).

Using HTTP GET method to download data from a blob container

Downloading blobs from an Azure Blob Storage container is just as easy as uploading them with REST API. You simply issue an HTTP GET request for any given resource within a container by providing its URL.

To download from Azure Blob Storage using REST API, you must first authenticate by providing either your storage account key or one of its access policies on each request made against resources belonging to that storage account. After authenticating against Azure Blob Storage with either of these methods, you can then issue GET requests against URLs pointing to individual blobs within specified containers or even entire containers themselves.

“`http GET x-ms-date: Mon, 27 Jul 2009 12:28:53 GMT x-ms-version: 2009-07-17 “`

This example retrieves the content of a blob named “myblob” in “mycontainer”. If successful, the response message contains the content of the blob along with its HTTP status code.

Uploading and downloading data is a critical part of Azure Blob Storage REST API. Using HTTP PUT method to upload data to a blob container and using HTTP GET method to download data from a blob container is simple once you understand the specific headers required for each request.

Managing Containers with Azure Blob Storage REST API

Creating and Deleting Containers in Azure Blob Storage REST API

Azure Blob Storage REST API allows developers to create and delete containers using HTTP PUT and DELETE methods, respectively. A container is a logical unit of storage in which blobs are stored. To create a new container, developers can send an HTTP PUT request to the URL of the container they want to create.

The name of the container must be unique within the storage account, and it can only contain alphanumeric characters and hyphens. On successful creation, an HTTP status code of 201 (Created) is returned along with the ETag value for the newly created container.

When deleting containers, developers can remove all blobs within it or delete it outrightly. Using a DELETE request will completely remove this container permanently.

Listing All Containers in Azure Blob Storage REST API

Listing all containers within an Azure storage account is made possible by sending an HTTP GET request to a specific URL that lists them out. To retrieve this list, developers need to include their authentication credentials as part of the URL. The response payload contains information about each listed container like its name, properties like metadata, lease status (if any), etag value among others.

Developers can then use this information to make further changes or obtain more information about each particular container. In addition to listing out all containers within an account, developers also have access to listing out only specific subsets under certain criteria such as those created before or after certain dates or those that match specific prefixes.


When creating or deleting containers using Azure Blob Storage REST API, it’s important not just to consider performance optimization but also data integrity when working with large amounts of data across multiple accounts simultaneously. Also remember that while there are no restrictions on how many blobs you may store in one storage account, the number of blobs per container is limited to 5000 and maximum size of a single block blob is 200GB.


Managing containers efficiently and effectively within Azure Blob Storage REST API is essential for good data management. Creating new containers, deleting old ones and listing all containers efficiently can save time, space and contribute to a better organized system.

Working with Blobs in Azure Blob Storage REST API

Uploading, Downloading, and Deleting Blobs

Blobs are the fundamental entities stored in Azure Blob Storage. They can contain any type of data, such as text, images, videos, or binary files. In order to upload a blob to Azure Blob Storage using REST API, you need to use the HTTP PUT method with the following URL format: https://{accountname}{containername}/{blobname}.

When uploading a blob, you also need to specify its MIME type and any custom metadata associated with it. To download a blob from Azure Blob Storage using REST API, you need to use the HTTP GET method with the same URL format as for uploading.

You then receive a response that contains the content of the blob in its body. If you want to download part of a blob instead of its entire content, you can specify byte ranges in your GET request by setting the Range header.

Deleting blobs from Azure Blob Storage using REST API is done through an HTTP DELETE request that uses the same URL format as for uploading and downloading. Once deleted, blobs cannot be recovered.

Copying Blobs within or Across Storage Accounts

Copying blobs within or across storage accounts is another useful feature provided by Azure Blob Storage REST API. The basic idea is that you can replicate blobs across different containers or accounts without manually downloading them first. To copy a blob within the same storage account using REST API, you can use either synchronous or asynchronous copy operations.

A synchronous copy operation creates an exact replica of an existing blob at another location within the same storage account. An asynchronous copy operation allows you to copy blobs between containers or accounts asynchronously without blocking other operations.

To copy a blob across different storage accounts using REST API requires a two-step process: – First obtain a Shared Access Signature (SAS) token for the source blob.

– Then use the token to initiate an asynchronous copy operation from the source blob URL to the destination blob URL. Note that when copying blobs across storage accounts, you may incur additional network egress charges and higher latency compared to copying within the same storage account.

Use Case: Uploading Images with Azure Blob Storage REST API

One common use case for Azure Blob Storage REST API is uploading images from a web application. For example, you might want to allow your users to upload profile pictures or other visual content without having to store them on your own server.

To achieve this, you can create a container in your Azure Blob Storage account that is publicly accessible. When a user uploads an image through your web application, you can send a PUT request to the container’s URL with the appropriate headers and body data.

Once uploaded, you can obtain the public URL of the image by concatenating its container name and blob name with https://{accountname} By using Azure Blob Storage REST API for image uploads, you not only reduce storage costs but also improve scalability and reliability of your web application.

Best Practices for Working with Blobs in Azure Blob Storage REST API

When working with blobs in Azure Blob Storage using REST API, there are several best practices that you should follow: – Always use HTTPS instead of HTTP to ensure secure data transmission. – Use SAS tokens instead of Access Keys whenever possible to minimize security risks.

– Avoid hardcoding connection strings or keys in your code; instead use environment variables or other secure configuration methods. – Use asynchronous copy operations when copying large blobs or across different storage accounts.

– Consider using CDN (Content Delivery Network) integration for serving frequently accessed blobs faster and closer to end-users. By following these best practices, you can optimize performance and security while minimizing costs when working with blobs in Azure Blob Storage using REST API.

Securing Access to Azure Blob Storage REST API

Implementing Shared Access Signature (SAS) for Secure Access to Blobs

One of the most important aspects of using the Azure Blob Storage REST API is ensuring that your data is secure. The implementation of Shared Access Signature (SAS) allows you to create a secure and time-limited access to a specific blob or container in your storage account.

To implement SAS, you need to generate a token that includes an expiration time, permissions granted, and cryptographic signature. This token can then be appended as a query string parameter to the URL used for accessing the blob or container.

By using SAS, you are able to grant temporary access with limited permissions, minimizing the risk of unauthorized access or misuse of your data. It is important to note that SAS tokens should always be kept private and only shared with trusted parties.

Configuring CORS Rules for Cross-origin Requests

Another important aspect of securing access to Azure Blob Storage REST API is configuring Cross-Origin Resource Sharing (CORS) rules. CORS enables web applications running on different domains than your storage account’s domain name to make requests against it without restriction. Without proper CORS configuration, web browsers may block requests from other websites attempting to access data in your storage account.

This could result in degraded functionality or security vulnerabilities. To configure CORS rules for cross-origin requests, you must specify which domains are allowed and which HTTP methods are supported.

This can be done through Azure Portal or programmatically through REST API calls. By configuring CORS rules correctly, you enable cross-domain requests while maintaining control over which domains can access your data and what type of requests they can make.

Securing access within any system is an essential factor when dealing with sensitive data storage such as blobs in Azure. By implementing Shared Access Signatures (SAS), you limit access to your blobs based on permissions and time limitations, making sure that only the right people have the necessary permissions.

On the other hand, configuring CORS rules for cross-origin requests ensures that web browsers don’t block requests from other websites attempting to access data in your storage account. With SAS and CORS, you can rest assured that your data is secure and accessible to those who are permitted to use it.

Monitoring and Logging in Azure Blob Storage REST API

Enabling logging for diagnostic purposes

When working with Azure Blob Storage, it’s essential to have a way to monitor the activity happening within your storage account. Enabling logging can help you diagnose errors, track usage, and understand how your application is interacting with blob storage.

To enable logging, you must configure your storage account to send log data to an Azure Storage account or a third-party log analytics tool. Once enabled, logs are created for each storage service API operation that occurs in the account.

These logs contain information such as the timestamp of the operation, the user who initiated it, and any error messages associated with it. You can then use these logs to troubleshoot issues or identify trends in usage.

Monitoring performance metrics using metrics APIs

In addition to logging, Azure Blob Storage also provides metrics APIs that allow you to monitor performance and usage over time. These APIs provide data on various aspects of your storage account’s performance, such as transactions per second (TPS), ingress/egress bandwidth utilization, and availability. To use the metrics APIs, you must first enable them for your storage account.

Once enabled, you can retrieve metric data using REST API calls or by accessing them through Azure Monitor. This data can be used to create custom dashboards or alerts based on specific thresholds.


Monitoring and logging are crucial aspects of managing Azure Blob Storage accounts through REST API calls. By enabling logging and utilizing the metrics APIs available through Azure Monitor, developers gain valuable insight into their application’s usage patterns within blob storage accounts which is critical when identifying bottlenecks that could be causing problems for users running applications on these platforms.

When used together effectively with other tools like SAS for secure access control among others mentioned earlier in this article; monitoring and logging can help ensure that your Azure Blob Storage accounts are performing optimally to deliver reliable, scalable storage solutions. So whether you’re an application developer, a cloud architect, or anyone working with blob storage accounts in Azure, implementing monitoring and logging should be a top priority for managing these services effectively.

Leave a Reply