We recommend you use an access policy for a SAS token.
The SAS token can be easily generated with the Microsoft Azure Storage Explorer
- In the Microsoft Azure Storage Explorer, browse to the desired blob container.
- Right click on the container and select on "Get Shared Access Signature...".
- Include the following permissions for: Read, Create, Write, Delete, List.
For the Direct Access option, you must include only the Read permission. Other permissions are not needed for Direct Access and could cause security issues when included.