SALES: 1-800-867-1380

Manage keys

Updated: January 25, 2014

Microsoft Azure Mobile Services has two keys that can be used to limit access to table data for unauthenticated users:

  • Application key

    The application key is generated by Mobile Services and is distributed with your app. Because Mobile Services is a publicly available Azure service, table resources are accessed by HTTP requests. When a client requests resources and provides an application key, Mobile Services validates the key. If the client has supplied the correct application key, access is allowed to any tables that require the application key as authorization.

    securitySecurity Note
    The application key is distributed with the application. Because this key is not encrypted, it cannot be considered secure. To secure access to you mobile service data, you must instead authenticate users before accessing.

  • Master key

    The master key is used for administrator access to the service and to disable scripts. This key is an important secret that should not be distributed. This key can also be used to limit table access only to registered scripts executed by the service or to administrators.

Keys can be regenerated as needed. You might do this when an application key has been compromised to prevent unwanted clients from accessing your mobile service. To regenerate keys, click Manage keys, and then click Regenerate.

ImportantImportant
When you regenerate keys, clients that use the old key may be unable to access your mobile service. When you regenerate the application key, you should update your app with the new key value.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft