@matt-1

I will let my colleagues and community teammates chime in, having not written an Azure integration into FusionAuth as of yet. However, here is my two cents:

If FusionAuth is the source of record, you will want to review the documentation that Azure AD provides and see if you can call into FusionAuth via OAuth2 or SAML or JWT from them.

Googling azure storage blob authentication via jwt token returns many promising possibilities that look relevant.

Another wrinkle is that you are likely asking for a permissions-based model below:

Azure Storage Blog (or some intermediary) authenticates backs to FusionAuth to check whether the user is authorized for the piece of content or not.

This might require you to handroll your own solution or explore others that are prebuilt. Roles and groups are one area in FusionAuth that you could use to assign some level of access to your users. With some integration code, you could help your application determine what storage they should have access to.

https://fusionauth.io/docs/v1/tech/apis/groups/ https://fusionauth.io/docs/v1/tech/core-concepts/roles/#overview

I hope this helps and will post back if anything additional occurs to me.

Thanks
Josh