Wednesday, November 7, 2012

OAuth in SharePoint 2013

In this blog we will discuss about What is OAuth in SharePoint 2013. You can also check some new features of SharePoint 2013 as well as hardware and software requirements in SharePoint 2013.

When a user signs in to SharePoint 2013, the user's token is validated and then used to sign in to SharePoint. The user's token is a security token that is issued by an identity provider.In the case of app authentication, the authentication process verifies a claim that is made by a subject that it should be allowed to act on behalf of a given principal. Apps can be authenticated in several different ways. When a call is made to an app web, if the call is an OAuth call, SharePoint 2013 uses the Windows Azure Access Control Service (ACS) as the app identity provider.

OAuth is an open protocol for authorization. OAuth enables secure authorization from desktop and web applications in a simple and standard way. OAuth enables users to approve an application to act on their behalf without sharing their user name and password. It allows users to use resources like contact list, documents, photos, videos etc that are stored on one site with another site, without users having to provide their credentials.

OAuth enables users to authorize the service provider to provide tokens instead of credentials  to their data that is hosted by a given service provider. Each token grants access to a specific site for specific resources and for a defined duration.

OAuth is required in following cases:
- To authorize requests by an app for SharePoint to access SharePoint resources on behalf of a  user.
- To authenticate apps in the Office Store, an app catalog, or a developer tenant.

Follow for more reference:

Twitter Delicious Facebook Digg Favorites More