Public Preview: Entra ID-Based Access for Azure Blob Storage SFTP

Microsoft Entra ID-based access for Azure Blob Storage SFTP is now in public preview. This new capability empowers you to use Microsoft Entra ID identities (including guest users via Entra External Identities) to securely connect to Azure Blob Storage via SFTP without needing local user creation and management. Key capabilities include: * Single Sign-On and Multi-Factor Authentication: Users authenticate with their existing corporate credentials, with MFA support to protect against credential theft. * Conditional Access Policies: Apply sophisticated access controls based on user location, device compliance, risk level, and other contextual factors. * Unified Identity Lifecycle: SFTP access is automatically updated or revoked through your existing identity management processes when users leave or change roles. * External Identity Support: Securely collaborate with partners and vendors using Entra External Identities (B2B) without creating local accounts. * Native Azure RBAC, ABAC, and ACL Integration: SFTP access seamlessly integrates with Azure's comprehensive authorization framework, respecting the same permissions as REST API, Azure CLI, and other access methods. Questions or feedback? We would love to hear from you! Reach out to our team at blobsftp@microsoft.com. Get started: Register for the preview feature in your subscription, assign RBAC roles to a user or group, and generate an SSH certificate to connect via SFTP. [Learn more](https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support-entra-id-based-access).