DocumentationRecipesReferenceGraphQLChangelogFAQ
Log In

Creating an Azure Blob Storage integration

To use remote files in projects, you must first create an integration. Then in each one of your projects, you can define a connector between the integration and the project.

📘

You can create an integration from Kili to Azure Blob Storage in two ways:


Adding Kili to your AAD

📘

To perform this step, you must have the rights to an external enterprise application to the IAM. Your role in Azure must be Application administrator.

  1. Add Kili's application service principal to your tenant.
  2. Add Kili app by going to this URL:
https://login.microsoftonline.com/<AAD ID>/adminconsent?client_id=5734576c-64d1-49f9-8a12-e3e6bcc9909b

📘

<AAD ID> is your your tenant id.

Setting up the integration in Kili

  1. Click on your name in the top-right corner of the Kili app interface, and then go to Organization Management > Integrations.

  2. Click New.

  3. Select Microsoft Azure.

  4. Fill in the following:

    1. Name: name of the integration that you are creating
    2. Azure Tenant Id: the tenant id of the storage account. You can get it from the Overview page of your Azure Active Directory.
    3. Azure Storage Url: Follow this pattern:
    • <STORAGE ACCOUNT> is the name of the storage account for which you are creating the integration.
    • CONTAINER NAME is the name of the container for which you are creating the integration.
    https://<STORAGE ACCOUNT>.blob.core.windows.net/<CONTAINER NAME>
    
  5. Add Kili’s service principal as a Storage Blob Delegator in the storage account, and Storage Blob Data Reader in the container.

  6. Add an entry to your storage account CORS rules, to allow Kili to directly read the signed urls in your bucket (refer to the example screenshot). The allowed origin is https://cloud.kili-technology.com and the allowed methods are GET, HEAD, OPTIONS and PATCH.

👍

You are now ready to synchronize data with a project.


Using service credentials generated once

🚧

With this setup, each user has direct access to Azure storage directly from Kili's front-end application. We recommend using it if your Azure storage is not accessible from Kili's backend.

Setting up the integration in Kili

  1. Click on your name in the top-right corner of the Kili app interface, and then go to Organization Management > Integrations.
  2. Click New.
  3. Select Microsoft Azure.
  4. Turn on the the Use service credentials instead of Kili's service account toggle.
  5. Fill in the following:
    1. Name: name of the integration that you are creating
    2. Azure SAS Token: the shared access token of the container. You can get it on the Shared Access Tokens page of your container. Under Permissions, select both READ and LIST.
    3. Azure Storage Url: Follow this pattern:
    • <STORAGE ACCOUNT> is the name of the storage account for which you are creating the integration.
    • CONTAINER NAME is the name of the container for which you are creating the integration.
    https://<STORAGE ACCOUNT>.blob.core.windows.net/<CONTAINER NAME>
    
  6. Add Kili’s service principal as a Storage Blob Delegator in the storage account, and Storage Blob Data Reader in the container.

👍

You are now ready to synchronize data with a project.