Who Are You and What Do You Want?
Working with OAuth in SharePoint 2013
CKS:DEV
The SharePoint Cowboy
Patterns & Practices
Eric Shupps
www.sharepointcowboy.com | eshupps@binarywave.com | facebook.com/sharepointcowboy | @eshupps
Agenda (OAuth + SharePoint)
Introduction
Farms
On-Premise Apps
Servers
Cloud Apps
INTRODUCTION
authorization
SPTECHCON - Who are You and What Do You Want - Working with OAuth in SharePoint 2013
User requests access
App requests Request Token
Provider returns Request Token
App builds auth link w/ Request Token
User requests URL + Request Token
Provider returns access token
User requests URL + Access Token
App validates access token
Access token validated
User granted access
(Diagram stage markers: 1, 2, 3)
User requests access
App requests Request Token
Provider returns Request Token
App builds auth link w/ Request Token
User requests URL + Access Token
App validates access token
Access token validated
User granted access
(Diagram stage markers: 1, 2)
OAuth in SharePoint 2013
Identity Provider: Manages identity information for principals (STS)
Security Token Service: Handles requests for trusted identity claims
Identity Token Issuer: Identity provider associated with a web application
Security Token Issuer: Trusted resource (farm, server, etc.)
Metadata Endpoint: Resource information and signing certificate (JSON)
Request Token: Used to request permission to protected resource
Access Token: Used by App to access resource on behalf of user
Realm: Operation scope for authorization
Azure ACS: Cloud-based security token service (IP-STS)
Farms
COLLABORATE
My Sites
Content
Distributed Roles
Enterprise Features
Managed Metadata
Search
Shared Service Applications
Request Management
Consumer
Export Root & STS Certificates
Copy Certificates
Import root certificate(s) and create trusted root authority
Provider
Export Root Certificate
Copy Certificates
Import STS Certificate
Create Trusted Service Token Issuer
Import root certificate(s) and create trusted root authority
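The consumer/provider certificate exchange listed above can be scripted as follows. This is an added example, not code from the presentation: the function names, trust names and C:\certs paths are placeholders, and the thumbprint check assumes the two farm administrators compare thumbprints over a separate channel before any trust is created.

```powershell
# Added example: function names, trust names and file paths are placeholders.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Export-PublicCertificate {
    # Writes only the public certificate (DER, no private key) and returns its
    # thumbprint so it can be reported to the other farm's administrator.
    param(
        [Parameter(Mandatory=$true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate,
        [Parameter(Mandatory=$true)] [string] $Path
    )
    [System.IO.File]::WriteAllBytes($Path, $Certificate.Export('Cert'))
    return $Certificate.Thumbprint
}

function Get-VerifiedCertificate {
    # Loads a copied .cer file and rejects it unless its thumbprint matches
    # the value reported by the farm that exported it.
    param(
        [Parameter(Mandatory=$true)] [string] $Path,
        [Parameter(Mandatory=$true)] [string] $ExpectedThumbprint
    )
    $cert = Get-PfxCertificate -FilePath $Path
    $expected = ($ExpectedThumbprint -replace '\s', '').ToUpperInvariant()
    if ($cert.Thumbprint -ne $expected) {
        throw "Thumbprint mismatch for ${Path}: got $($cert.Thumbprint)"
    }
    return $cert
}

function Export-ConsumerCertificates {
    # Run on the consumer farm: export the root and STS certificates.
    param([string] $Directory = 'C:\certs')
    $root = (Get-SPCertificateAuthority).RootCertificate
    $sts  = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
    return @{
        Root = Export-PublicCertificate -Certificate $root -Path (Join-Path $Directory 'ConsumerRoot.cer')
        STS  = Export-PublicCertificate -Certificate $sts  -Path (Join-Path $Directory 'ConsumerSTS.cer')
    }
}

function Export-ProviderCertificate {
    # Run on the provider farm: export the root certificate.
    param([string] $Directory = 'C:\certs')
    $root = (Get-SPCertificateAuthority).RootCertificate
    return Export-PublicCertificate -Certificate $root -Path (Join-Path $Directory 'ProviderRoot.cer')
}

function Import-ProviderTrustOnConsumer {
    # Run on the consumer farm after copying ProviderRoot.cer.
    param([string] $RootPath, [string] $RootThumbprint)
    $root = Get-VerifiedCertificate -Path $RootPath -ExpectedThumbprint $RootThumbprint
    New-SPTrustedRootAuthority -Name 'ProviderFarm' -Certificate $root
}

function Import-ConsumerTrustOnProvider {
    # Run on the provider farm after copying both consumer certificates.
    # Both files are verified before either trust object is created.
    param([string] $RootPath, [string] $RootThumbprint,
          [string] $StsPath,  [string] $StsThumbprint)
    $root = Get-VerifiedCertificate -Path $RootPath -ExpectedThumbprint $RootThumbprint
    $sts  = Get-VerifiedCertificate -Path $StsPath  -ExpectedThumbprint $StsThumbprint
    New-SPTrustedRootAuthority      -Name 'ConsumerFarm' -Certificate $root
    New-SPTrustedServiceTokenIssuer -Name 'ConsumerFarm' -Certificate $sts
}
```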
Consumer Provider
Create Trusted Root Authority
Set Authentication Realm
Create Trusted Security Token Issuer
Create App Principals
Create Trusted Root Authority
Create Trusted Security Token Issuer
Servers
Other
Lync
Office Web Applications
Workflow
Servers
Exchange
Certificates Metadata
Create security token issuer
Assign app principal permissions
Install client components
Export/Import certificates
Create root authorities
Execute configuration scripts
Execute configuration scripts
On-Premise Apps
App establishes context
SP validates S2S trust
App requests access token from SP
Browser POSTS parameters to App
SP returns parameters
User browses to App
User Permissions
App behaves in context of user
Consistent across all requests
Specific access rights and scope requested by app
App Only Permissions
Granted on app installation
Establish client context
Get access token with S2S
Get claims from Windows identity
Get request parameters
Cloud Apps
App establishes context
ACS provides access token
App requests access token from ACS
Browser POSTS request token to app
SP sends request tokens to browser
SP gets request token from ACS
User browses to app
Get client context from SP with access token
Get access token
Read and validate context token
Parse out Context Token
Get POST parameters from SP
Description: Link
OAuth Working Group: http://oauth.net/
OAuth Resource Guide: http://bit.ly/14CWPNb
Authorization and authentication for apps in SharePoint 2013: http://bit.ly/16f8WFh
Setting up an OAuth trust between farms in SharePoint 2013: http://bit.ly/12Yr7e3
Plan for server-to-server authentication in SharePoint 2013: http://bit.ly/1chAgFl
What’s new in authentication for SharePoint 2013: http://bit.ly/1e6KaYv
Creating High-Trust apps with S2S: http://bit.ly/18RL8uL
Using O365 to Authorize On-Premise Apps: http://bit.ly/1fvv1Bo
