
Who Are You and What Do You Want?

Working with OAuth in SharePoint 2013


Sponsored by BinaryWave (www.binarywave.com): real-time application monitoring, event management, and operational health metrics for Microsoft SharePoint.
Eric Shupps, The SharePoint Cowboy (CKS:DEV; Patterns & Practices)
www.sharepointcowboy.com | eshupps@binarywave.com | facebook.com/sharepointcowboy | @eshupps
Agenda
- Introduction: OAuth + SharePoint
- Farms
- Servers
- On-Premise Apps
- Cloud Apps
INTRODUCTION

OAuth authorization flow (three legs):
1. User requests access; App requests a Request Token; Provider returns the Request Token; App builds the authorization link with the Request Token.
2. User requests the URL with the Request Token; Provider returns an Access Token.
3. User requests the URL with the Access Token; App validates the Access Token; Access Token validated; User granted access.
OAuth in SharePoint 2013: terms
- Identity Provider: manages identity information for principals (STS)
- Security Token Service: handles requests for trusted identity claims
- Identity Token Issuer: identity provider associated with a web application
- Security Token Issuer: trusted resource (farm, server, etc.)
- Metadata Endpoint: resource information and signing certificate (JSON)
- Request Token: used to request permission to a protected resource
- Access Token: used by the app to access a resource on behalf of the user
- Realm: operation scope for authorization
- Azure ACS: cloud-based security token service (IP-STS)
Farms
- My Sites
- Content
- Distributed Roles
- Enterprise Features
- Managed Metadata
- Search
- Shared Service Applications
- Request Management
Farm-to-farm trust: certificate exchange

Consumer farm:
- Export root and STS certificates
- Copy certificates to the provider farm

Provider farm:
- Import root certificate(s) and create trusted root authority
- Import STS certificate
- Create trusted security token issuer

Provider farm:
- Export root certificate
- Copy certificates to the consumer farm

Consumer farm:
- Import root certificate(s) and create trusted root authority

Farm-to-farm trust: configuration steps

Consumer:
- Create Trusted Root Authority
- Set Authentication Realm
- Create Trusted Security Token Issuer
- Create App Principals

Provider:
- Create Trusted Root Authority
- Create Trusted Security Token Issuer
Servers
- Exchange
- Other: Lync, Office Web Applications, Workflow

Trust via certificates:
- Export/import certificates
- Create root authorities
- Execute configuration scripts

Trust via metadata endpoint:
- Create security token issuer
- Assign app principal permissions
- Install client components
- Execute configuration scripts
On-Premise Apps (server-to-server, S2S)

Flow:
1. User browses to the app
2. SP returns parameters
3. Browser POSTs parameters to the app
4. App requests an access token from SP
5. SP validates the S2S trust
6. App establishes context

User Permissions
- App behaves in the context of the user
- Consistent across all requests
- Specific access rights and scope requested by the app

App Only Permissions
- Granted on app installation

App code steps:
1. Get request parameters
2. Get claims from the Windows identity
3. Get access token with S2S
4. Establish client context
Cloud Apps (ACS)

Flow:
1. User browses to the app
2. SP gets a request token from ACS
3. SP sends the request token to the browser
4. Browser POSTs the request token to the app
5. App requests an access token from ACS
6. ACS provides the access token
7. App establishes context

App code steps:
1. Get POST parameters from SP
2. Parse out the context token
3. Read and validate the context token
4. Get access token
5. Get client context from SP with the access token
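The "read and validate the context token" step above is where a cloud app decides whether to trust what the browser just POSTed. The following is an added example, not code from the deck or from SharePoint's own C# TokenHelper: it shows the checks in Python. The context token is a JWT signed with HMAC-SHA256 using the app's client secret, and the app must verify that signature, the audience (clientId/hostname@realm) and the validity window before using the refresh token inside it. The client id, realm, host name, secret and claim values are constructed for the demonstration.

```python
import base64, hashlib, hmac, json

CLIENT_ID = "11111111-2222-3333-4444-555555555555"   # constructed app client id
REALM = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"       # constructed tenant realm
APP_HOST = "app.example.com"                         # constructed app host name
CLIENT_SECRET = base64.b64encode(b"constructed-demo-secret-not-real").decode()

SAMPLE_CLAIMS = {  # constructed claim set modelled on a SharePoint context token
    "aud": f"{CLIENT_ID}/{APP_HOST}@{REALM}",
    "iss": f"00000001-0000-0000-c000-000000000000@{REALM}",
    "nbf": 1700000000, "exp": 1700043200,
    "appctxsender": f"00000003-0000-0ff1-ce00-000000000000@{REALM}",
    "refreshtoken": "constructed-refresh-token-value",
}

def _b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def _sign(signing_input):
    # HS256: HMAC-SHA256 keyed with the raw bytes of the base64 client secret
    return hmac.new(base64.b64decode(CLIENT_SECRET), signing_input, hashlib.sha256).digest()

def make_context_token(claims):
    """Build an HS256 JWT the way the issuing STS would (test fixture only)."""
    header = _b64url_encode(json.dumps({"typ": "JWT", "alg": "HS256"}).encode())
    body = _b64url_encode(json.dumps(claims).encode())
    signing_input = f"{header}.{body}".encode()
    return f"{header}.{body}.{_b64url_encode(_sign(signing_input))}"

def read_and_validate_context_token(token, now):
    """Return the claims if the token is authentic and valid for this app; else raise ValueError."""
    header_b64, body_b64, sig_b64 = token.split(".")
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected signing algorithm")   # never accept alg=none
    # Signature check first: nothing in the body is trusted until it passes
    if not hmac.compare_digest(_sign(f"{header_b64}.{body_b64}".encode()),
                               _b64url_decode(sig_b64)):
        raise ValueError("signature mismatch: not signed with this app's client secret")
    claims = json.loads(_b64url_decode(body_b64))
    if claims.get("aud") != f"{CLIENT_ID}/{APP_HOST}@{REALM}":
        raise ValueError("audience mismatch: token meant for another app or realm")
    if not claims["nbf"] <= now < claims["exp"]:
        raise ValueError("token outside its validity window")
    return claims
```

Only after these checks pass should the app pull the refresh token out of the claims and exchange it at ACS for an access token (the next step in the list).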
Resources (description, link)
- OAuth Working Group: http://oauth.net/
- OAuth Resource Guide: http://bit.ly/14CWPNb
- Authorization and authentication for apps in SharePoint 2013: http://bit.ly/16f8WFh
- Setting up an OAuth trust between farms in SharePoint 2013: http://bit.ly/12Yr7e3
- Plan for server-to-server authentication in SharePoint 2013: http://bit.ly/1chAgFl
- What's new in authentication for SharePoint 2013: http://bit.ly/1e6KaYv
- Creating High-Trust apps with S2S: http://bit.ly/18RL8uL
- Using O365 to Authorize On-Premise Apps: http://bit.ly/1fvv1Bo
