diff --git a/sdk/storage/azfile/assets.json b/sdk/storage/azfile/assets.json
index bcee341dc5..26c6aaf140 100644
--- a/sdk/storage/azfile/assets.json
+++ b/sdk/storage/azfile/assets.json
@@ -2,5 +2,5 @@
   "AssetsRepo": "Azure/azure-sdk-assets",
   "AssetsRepoPrefixPath": "go",
   "TagPrefix": "go/storage/azfile",
-  "Tag": "go/storage/azfile_23ee391082"
+  "Tag": "go/storage/azfile_d9960ee457"
 }
diff --git a/sdk/storage/azfile/share/client_test.go b/sdk/storage/azfile/share/client_test.go
index a5dc7fb74d..c62b2c77b7 100644
--- a/sdk/storage/azfile/share/client_test.go
+++ b/sdk/storage/azfile/share/client_test.go
@@ -9,6 +9,7 @@ package share_test
 import (
 	"context"
 	"fmt"
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
 	"github.com/Azure/azure-sdk-for-go/sdk/internal/recording"
 	"github.com/Azure/azure-sdk-for-go/sdk/storage/azfile/fileerror"
@@ -278,6 +279,59 @@ func (s *ShareRecordedTestsSuite) TestShareCreateNilMetadata() {
 	_require.Len(response.Metadata, 0)
 }
 
+func (s *ShareRecordedTestsSuite) TestAuthenticationErrorDetailError() {
+	_require := require.New(s.T())
+	testName := s.T().Name()
+
+	cred, err := testcommon.GetGenericSharedKeyCredential(testcommon.TestAccountDefault)
+	_require.NoError(err)
+
+	svcClient, err := testcommon.GetServiceClient(s.T(), testcommon.TestAccountDefault, nil)
+	_require.NoError(err)
+
+	shareName := testcommon.GenerateShareName(testName)
+	shareClient := testcommon.CreateNewShare(context.Background(), _require, shareName, svcClient)
+	defer testcommon.DeleteShare(context.Background(), _require, shareClient)
+
+	id := "testAccessPolicy"
+	ps := share.AccessPolicyPermission{
+		Write: true,
+	}
+	_require.NoError(err)
+
+	signedIdentifiers := make([]*share.SignedIdentifier, 0)
+	signedIdentifiers = append(signedIdentifiers, &share.SignedIdentifier{
+		AccessPolicy: &share.AccessPolicy{
+			Expiry:     to.Ptr(time.Now().Add(-1 * time.Hour)),
+			Permission: to.Ptr(ps.String()),
+		},
+		ID: &id,
+	})
+	_, err = shareClient.SetAccessPolicy(context.Background(), &share.SetAccessPolicyOptions{
+		ShareACL: signedIdentifiers,
+	})
+
+	sasQueryParams, err := sas.SignatureValues{
+		Protocol:   sas.ProtocolHTTPS,
+		Identifier: id,
+		ShareName:  shareName,
+	}.SignWithSharedKey(cred)
+	_require.NoError(err)
+
+	shareSAS := shareClient.URL() + "?" + sasQueryParams.Encode()
+	shareClientSAS, err := share.NewClientWithNoCredential(shareSAS, nil)
+	_require.NoError(err)
+
+	dirClient := testcommon.GetDirectoryClient(testcommon.GenerateDirectoryName(testName), shareClientSAS)
+	_, err = dirClient.Create(context.Background(), nil)
+	_require.Error(err)
+
+	var responseErr *azcore.ResponseError
+	_require.ErrorAs(err, &responseErr)
+	_require.Equal("AuthenticationFailed", responseErr.ErrorCode)
+	_require.Contains(responseErr.Error(), "AuthenticationErrorDetail")
+}
+
 func (s *ShareRecordedTestsSuite) TestShareCreateNegativeInvalidName() {
 	_require := require.New(s.T())
 	svcClient, err := testcommon.GetServiceClient(s.T(), testcommon.TestAccountDefault, nil)