You can use a Shared Access Signature Token (SAS) when you want to provide access to resources in your storage account to any client not possessing your storage account's access keys.
Download Azure (Shared Access Signature Token) connection profile for preconfigured settings
Windows Azure Blob Storage connection profile is bundled by default.
Supports features such as editing metadata, editing ACLs on containers and copying shared signature URLs for giving temporary access to users with a time limited signed URL to files in a container.
Access Control (ACL)
Edit ACLs in File → Info (⌘-I) → Permissions. To make objects in a container publicly accessible, choose Everyone → READ.
Shared Access Signature URLs
A private object stored in Azure Storage can be made publicly available for a limited time using a signed URL. The signed URL can be used by anyone to download the object, yet it includes a date and time after which the URL will no longer work. Copy the signed URL from Edit → Copy URL→ Signed URL.
Cyberduck
Mountain Duck
CLI