This article shows you how to connect to Azure Blob Storage by using the Azure Blob Storage client library for Java. Once connected, use thedeveloper guides to learn how your code can operate on containers, blobs, and features of the Blob Storage service.

If you're looking to start with a complete example, seeQuickstart: Azure Blob Storage client library for Java.

API reference |Package (Maven) |Library source code |Samples |Give feedback

Prerequisites

• Azure subscription -create one for free
• Azure storage account -create a storage account
• Java Development Kit (JDK) version 8 or above
• Apache Maven is used for project management in this example

Set up your project

Use Maven to create a new console app, or open an existing project. Follow these steps to install packages and add the necessaryimport directives.

Install packages

Open thepom.xml file in your text editor. Install the packages byincluding the BOM file, orincluding a direct dependency.

Include the BOM file

Addazure-sdk-bom to take a dependency on the latest version of the library. In the following snippet, replace the{bom_version_to_target} placeholder with the version number. Usingazure-sdk-bom keeps you from having to specify the version of each individual dependency. To learn more about the BOM, see theAzure SDK BOM README.

<dependencyManagement>    <dependencies>        <dependency>            <groupId>com.azure</groupId>            <artifactId>azure-sdk-bom</artifactId>            <version>{bom_version_to_target}</version>            <type>pom</type>            <scope>import</scope>        </dependency>    </dependencies></dependencyManagement>

Add the following dependency elements to the group of dependencies. Theazure-identity dependency is needed for passwordless connections to Azure services.

<dependency>    <groupId>com.azure</groupId>    <artifactId>azure-storage-blob</artifactId></dependency><dependency>      <groupId>com.azure</groupId>      <artifactId>azure-storage-common</artifactId></dependency><dependency>    <groupId>com.azure</groupId>    <artifactId>azure-identity</artifactId></dependency>

Include a direct dependency

To take dependency on a particular version of the library, add the direct dependency to your project:

<dependency>    <groupId>com.azure</groupId>    <artifactId>azure-storage-blob</artifactId>    <version>{package_version_to_target}</version></dependency><dependency>      <groupId>com.azure</groupId>      <artifactId>azure-storage-common</artifactId>      <version>{package_version_to_target}</version></dependency><dependency>    <groupId>com.azure</groupId>    <artifactId>azure-identity</artifactId>    <version>{package_version_to_target}</version></dependency>

Include import directives

Then open your code file and add the necessaryimport directives. In this example, we add the following directives in theApp.java file:

import com.azure.core.credential.*;import com.azure.identity.*;import com.azure.storage.blob.*;import com.azure.storage.blob.models.*;import com.azure.storage.blob.specialized.*;import com.azure.storage.common.*;

Blob client library information:

• com.azure.storage.blob: Contains the primary classes (client objects) that you can use to operate on the service, containers, and blobs.
• com.azure.storage.blob.models: Contains utility classes, structures, and enumeration types.
• com.azure.storage.blob.specialized: Contains classes that you can use to perform operations specific to a blob type (For example: append blobs).

Authorize access and connect to Blob Storage

To connect an app to Blob Storage, create an instance of theBlobServiceClient class. You can also use theBlobServiceAsyncClient class forasynchronous programming. This object is your starting point to interact with data resources at the storage account level. You can use it to operate on the storage account and its containers. You can also use the service client to create container clients or blob clients, depending on the resource you need to work with.

To learn more about creating and managing client objects, seeCreate and manage client objects that interact with data resources.

You can authorize aBlobServiceClient object by using a Microsoft Entra authorization token, an account access key, or a shared access signature (SAS). For optimal security, Microsoft recommends using Microsoft Entra ID with managed identities to authorize requests against blob data. For more information, seeAuthorize access to blobs using Microsoft Entra ID.

// Azure SDK client builders accept the credential as a parameter// TODO: Replace <storage-account-name> with your actual storage account nameBlobServiceClient blobServiceClient = new BlobServiceClientBuilder()        .endpoint("https://<storage-account-name>.blob.core.windows.net/")        .credential(new DefaultAzureCredentialBuilder().build())        .buildClient();// If needed, you can create a BlobContainerClient object from the BlobServiceClientBlobContainerClient containerClient = blobServiceClient        .getBlobContainerClient("<container-name>");// If needed, you can create a BlobClient object from the BlobContainerClientBlobClient blobClient = containerClient        .getBlobClient("<blob-name>");

public static BlobServiceClient GetBlobServiceClientSAS(String sasToken) {    // TODO: Replace <storage-account-name> with your actual storage account name    BlobServiceClient blobServiceClient = new BlobServiceClientBuilder()            .endpoint("https://<storage-account-name>.blob.core.windows.net/")            .sasToken(sasToken)            .buildClient();    return blobServiceClient;}

public static BlobServiceClient GetBlobServiceClientAccountKey(String accountName, String accountKey) {    StorageSharedKeyCredential credential = new StorageSharedKeyCredential(accountName, accountKey);    // Azure SDK client builders accept the credential as a parameter    BlobServiceClient blobServiceClient = new BlobServiceClientBuilder()            .endpoint(String.format("https://%s.blob.core.windows.net/", accountName))            .credential(credential)            .buildClient();    return blobServiceClient;        }

public static BlobServiceClient GetBlobServiceClientConnectionString(String connectionString) {    // Azure SDK client builders accept the credential as a parameter    // TODO: Replace <storage-account-name> with your actual storage account name    BlobServiceClient blobServiceClient = new BlobServiceClientBuilder()            .endpoint("https://<storage-account-name>.blob.core.windows.net/")            .connectionString(connectionString)            .buildClient();    return blobServiceClient;        }

Configure the JVM TTL for DNS name lookups

The Java Virtual Machine (JVM) caches responses from successful DNS name lookups for a specified period of time, known as time-to-live (TTL). The default TTL value for many JVMs is-1, which means that the JVM caches the response indefinitely, or until the JVM is restarted.

Because Azure resources use DNS name entries that can change, we recommend that you set the JVM TTL value to 10 seconds. This configuration ensures that an updated IP address for a resource is returned with the next DNS query.

To change the TTL value globally for all applications using the JVM, set thenetworkaddress.cache.ttl property in thejava.security file.

networkaddress.cache.ttl=10

For Java 8, thejava.security file is located in the$JAVA_HOME/jre/lib/security directory. For Java 11 and higher, the file is located in the$JAVA_HOME/conf/security directory.

Build your app

As you build apps to work with data resources in Azure Blob Storage, your code primarily interacts with three resource types: storage accounts, containers, and blobs. To learn more about these resource types, how they relate to one another, and how apps interact with resources, seeUnderstand how apps interact with Blob Storage data resources.

The following guides show you how to access data and perform specific actions using the Azure Storage client library for Java: