Azure CDN gets token authentication

Kit McDonald

Microsoft Azure announced today that Azure CDN from Verizon Premium will now have a token-based authentication feature for all customers.

Multiple users will now be able to use the same token during a session compared to logging in separately to the protected content. Even though token-based authentication has some disadvantages, the Azure team has considered them by putting requests through CDN edge POPs first to check the user’s permissions.

Otherwise, some benefits to adding the token-based authentication to your Azure CDN includes:

  • Easily scalable, no need to store user login information on the server.
  • Mobile application ready solution.
  • Provides security, each request must contain the token and after the token expires user needs to login again.
  • Prevents attacks such as cross-site request forgery (CSRF, also known as session riding).

IT admins can customize the token value with a list of perimeters such as allowing or deny requests from specified countries, URLs, hosts, IP addresses, or even putting up an assigned expiration time/date.

You can read more about how to enable token authentication and other options for making your Azure CDN assets secure in the full documentation.