630 Freedom Business Center Drive, 3rd Floor
King of Prussia, PA 19406
©2013 CapTech Ventures
www.captechconsulting.com
Tri-State SharePoint
SharePoint 2013 Auth – Giving an app a first-class identity
James Tramel
May 14, 2013
©2012 CapTech Ventures, Inc. All rights reserved.
CapTech
• Philadelphia, DC, Richmond and Charlotte Based
• Practices – MC/SI/DMBI - thought leadership
• Technology agnostic, several MS folks in SI practice
• We’re local and community focused
• Philabundance, Run to Rebuild, United Way
Agenda
Clouds and SharePoint, Clouds and Apps, Clouds and You
OAuth – small demo
Authorization vs Authentication
OAuth, Apps and Identity
Hosting and Trust
Demo
Cloudy with a chance of meatballs
The Cloud – compute as a service utility
• Bing Maps Data Center in a minute:
http://www.youtube.com/watch?v=XbKunHnuIcA
• Modular Data Center Overview:
http://www.youtube.com/watch?v=LiMq_5L1MQg
• Inside a Modular Data Center:
http://www.youtube.com/watch?v=nIliMskAHro
What is SharePoint?
• Application or platform?
• What’s the difference between these things:
- Office 365, BPOS
- SharePoint Online
- SharePoint on Premise
- SharePoint Hybrid
- SharePoint 2010
- SharePoint 2013
- Foundation, Server and Enterprise
- SharePoint in Azure, AWS, RackSpace, Cloudshare
What is SharePoint in relation to the cloud
Cloud Continuum
IaaS vs PaaS vs SaaS
IaaS vs PaaS vs SaaS
IaaS vs PaaS vs SaaS
5-3-2 Cloud
What does this have to do with apps?
What does this have to do with apps?
• Apps in the cloud
• Making systems and apps more robust
• Tying to the cloud, but you don’t have to
• Services working together
• How do you make this work?
What else is going on in the web?
• Twitter
• Tumblr
• Bitly
• Facebook
• Instagram
• Wordpress
• Geolocation
Demo
OAuth
• OAuth is an open standard for authorization
• OAuth is not OpenID (authentication/digital ID)
• Valet Key
• Access Token
• Scopes
What's your P@ssword!
• Last time you changed your password?
• Benefits of the valet?
Authentication vs Authorization
Authentication is the verification of the credentials of the connection attempt
• Who is the user?
• Is the user really who he/she represents himself to be?
Authorization is the verification that the connection attempt is allowed
• Is user X authorized to access resource R?
• Is user X authorized to perform operation P?
• Is user X authorized to perform operation P on resource R?
SharePoint 2010 Authentication
• Authentication
- Windows (NT, Kerberos, Anonymous, Basic, Digest)
- Forms (LDAP, SQL, Custom)
- SAML (ADFS, Custom, LDAP)
• Development
- Farm (full trust)
- Sandbox (some trust)
- REST/API (no trust – except where given, COM)
SP 2013 Auth
Claims, Claims, Claims
• Classic is no more, or on its way out
• Distributed Cache
Server to Server
• Exchange, Lync
App Authentication (App Model / App Catalog / CSOM)
• Create apps that use OAuth or another identity provider
• App Permission Policies (User/App, App Only, User Only)
OAuth Terms
• Client app
- Remote app that needs site perms
• Content owner
- User who grants perms to content
• Content Server
- Web server where content is
• Auth Server
- Trusted server that authenticates apps and creates OAuth tokens
The Dance – how this works for Apps
Low Trust Apps in SharePoint 2013
BCS Hybrid and OAuth – The Dance (Example)
Apps are people too
• Apps have permission like users
• App principal is like a user identity – a security principal
• Apps are granted perms
- Differ from users
- All or nothing / No hierarchy
• Apps have default perms
- App can run app web
- App can include permissions
- Install grants / denies permission
Access Tokens
• Access tokens are issued by the OAuth security token service (STS).
- An example of OAuth STS is Windows Azure Access Control Service (ACS) OAuth endpoints.
- In contrast, the WS-Federation STS and the Security Assertion Markup Language (SAML) passive sign-in STS are primarily intended to issue sign-in tokens
• What’s a token?
Identity
When is using OAuth required?
• To authorize requests by an app for SharePoint to access SharePoint resources on behalf of a user.
• To authenticate apps in the Office Store, an app catalog, or a developer tenant.
Plan for App Authentication
App authentication is the validation of an external app for SharePoint's identity and the authorization of both the app and an associated user when the app requests access to a secured SharePoint resource
• Verify that the requesting app is trusted.
• Verify that the type of access that the app is requesting is authorized.
Types of Hosting options
Types of hosting
Trust Relationships for hosting options
• Autohosted
- Autohosted apps run as a web role in Windows Azure and use the Windows Azure Access Control Service (ACS) to obtain the access token.
• Provider-hosted
- Provider-hosted apps run on their own servers on the Internet or your intranet, are registered with Windows Azure, and use ACS to obtain the access token.
• SharePoint-hosted
- SharePoint-hosted apps run in an app web and can have client-side code but not server-side code. Developer must use certificates or create their own trust
High Trust vs Low Trust
• High-trust apps
- High-trust apps run on stand-alone servers on your intranet and use a signing certificate to digitally sign the access tokens that the app generates. Typically server to server.
• Low-trust apps
- Low-trust apps can run anywhere and use an OAuth code flow to delegate limited rights to apps to act as users. SharePoint and the client application must trust and communicate with an authentication provider such as Azure Active Directory.
Demo
• Setting up a provider hosted app to run in Azure
Yes You can
• Premium Subscriber
• Free Account in Azure
Do it
• Client
- PowerShell
• Azure cmdlets
• Import Azure module
• Get/set Azure publishing settings
- Visual Studio 2012
• Azure toolkit
• Office Developer Tools
Azure
• Affinity Group
• Storage
• DNS
• Network
• Active Directory
SharePoint Demo
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 

Recently uploaded (20)

Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
What is Binary Language? Computer Number Systems
What is Binary Language?  Computer Number SystemsWhat is Binary Language?  Computer Number Systems
What is Binary Language? Computer Number Systems
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 

OAuth and SharePoint 2013 Provider Hosted apps

  • 1. 630 Freedom Business Center Drive 3rd Floor King of Prussia, PA 19406 ©2013 CapTech Ventures www.captechconsulting.com Tri-State SharePoint SharePoint 2013 Auth – Giving an app a first class identity James Tramel May 14, 2013
  • 2. ©2012 CapTech Ventures, Inc. All rights reserved. CapTech
      • Philadelphia, DC, Richmond and Charlotte Based
      • Practices – MC/SI/DMBI - thought leadership
      • Technology agnostic, several MS folks in SI practice
      • We’re local and community focused
      • Philabundance, Run to Rebuild, United Way
  • 3. Agenda
      • Clouds and SharePoint, Clouds and Apps, Clouds and You
      • OAuth – small demo
      • Authorization vs Authentication
      • OAuth, Apps and Identity
      • Hosting and Trust
      • Demo
  • 4. Cloudy with a chance of meatballs
  • 5. The Cloud – compute as a service utility
      • Bing Maps Data Center in a minute: http://www.youtube.com/watch?v=XbKunHnuIcA
      • Modular Data Center Overview: http://www.youtube.com/watch?v=LiMq_5L1MQg
      • Inside a Modular Data Center: http://www.youtube.com/watch?v=nIliMskAHro
  • 6. What is SharePoint?
      • Application or platform?
      • What’s the difference between these things:
          - Office 365, BPOS
          - SharePoint Online
          - SharePoint on Premise
          - SharePoint Hybrid
          - SharePoint 2010
          - SharePoint 2013
          - Foundation, Server and Enterprise
          - SharePoint in Azure, AWS, RackSpace, Cloudshare
  • 7. What is SharePoint in relation to the cloud
  • 8. Cloud Continuum
  • 9. IaaS vs PaaS vs SaaS
  • 10. IaaS vs PaaS vs SaaS
  • 11. IaaS vs PaaS vs SaaS
  • 12. 5-3-2 Cloud
  • 13. What does this have to do with apps?
  • 14. What does this have to do with apps?
      • Apps in the cloud
      • Making systems and apps more robust
      • Tying to the cloud, but you don’t have to
      • Services working together
      • How do you make this work?
  • 15. What else is going on in the web?
      • Twitter
      • Tumblr
      • Bitly
      • Facebook
      • Instagram
      • Wordpress
      • Geolocation
  • 16. Demo
  • 17. OAuth
      • OAuth is an open standard for authorization
      • OAuth is not OpenID (authentication/digital ID)
      • Valet Key
      • Access Token
      • Scopes
  • 18. What's your P@ssword!
      • Last time you changed your password?
      • Benefits of the valet?
  • 19. Authentication vs Authorization
      Authentication is the verification of the credentials of the connection attempt
      • Who is the user?
      • Is the user really who he/she represents himself to be?
      Authorization is the verification that the connection attempt is allowed
      • Is user X authorized to access resource R?
      • Is user X authorized to perform operation P?
      • Is user X authorized to perform operation P on resource R?
  • 20. SharePoint 2010 Authentication
      • Authentication
          - Windows (NT, Kerberos, Anonymous, Basic, Digest)
          - Forms (LDAP, SQL, Custom)
          - SAML (ADFS, Custom, LDAP)
      • Development
          - Farm (full trust)
          - Sandbox (some trust)
          - REST/API (no trust – except where given, COM)
  • 21. SP 2013 Auth
      Claims, Claims, Claims
      • Classic is no more, or on its way out
      • Distributed Cache Server to Server
      • Exchange, Lync App Authentication (App Model / App Catalog / CSOM)
      • Create apps that use OAuth or other identity provider
      • App Permission Policies (User/App, App Only, User Only)
  • 22. OAuth Terms
      • Client app
          - Remote app that needs site perms
      • Content owner
          - User who grants perms to content
      • Content Server
          - Web server where content is
      • Auth Server
          - Trusted server that authenticates apps and creates OAuth tokens
  • 23. The Dance – how this works for Apps
  • 24. Low Trust Apps in SharePoint 2013
  • 25. BCS Hybrid and OAuth – The Dance (Example)
  • 26. Apps are people too
      • Apps have permission like users
      • App principal is like a user identity – a security principal
      • Apps are granted perms
          - Differ from users
          - All or nothing / No hierarchy
      • Apps have default perms
          - App can run app web
          - App can include permissions
          - Install grants / denies permission
  • 27. Access Tokens
      • Access tokens are issued by the OAuth security token service (STS).
          - An example of OAuth STS is Windows Azure Access Control Service (ACS) OAuth endpoints.
          - In contrast, the WS-Federation STS and the Security Assertion Markup Language (SAML) passive sign-in STS are primarily intended to issue sign-in tokens
      • What’s a token?
  • 28. Identity
  • 29. When is using OAuth required?
      • To authorize requests by an app for SharePoint to access SharePoint resources on behalf of a user.
      • To authenticate apps in the Office Store, an app catalog, or a developer tenant.
  • 30. Plan for App Authentication
      App authentication is the validation of an external app for SharePoint's identity and the authorization of both the app and an associated user when the app requests access to a secured SharePoint resource.
      • Verify that the requesting app is trusted.
      • Verify that the type of access that the app is requesting is authorized.
  • 31. Types of Hosting options
  • 32. Types of hosting
  • 33. Trust Relationships for hosting options
      • Autohosted
          - Autohosted apps run as a web role in Windows Azure and use the Windows Azure Access Control Service (ACS) to obtain the access token.
      • Provider-hosted
          - Provider-hosted apps run on their own servers on the Internet or your intranet, are registered with Windows Azure, and use ACS to obtain the access token.
      • SharePoint-hosted
          - SharePoint-hosted apps run in an app web and can have client-side code but not server-side code. Developer must use certificates or create their own trust
  • 34. High Trust vs Low Trust
      • High-trust apps
          - High-trust apps run on stand-alone servers on your intranet and use a signing certificate to digitally sign the access tokens that the app generates. Typically server to server.
      • Low-trust apps
          - Low-trust apps can run anywhere and run on an OAuth code flow to delegate limited rights to apps to act as users. SharePoint and the client application must trust and communicate with an authentication provider such as Azure Active Directory.
  • 35. Demo
      • Setting up a provider hosted app to run in Azure
  • 36. References
      • MSDN, Technet, Microsoft, Wikipedia
      • Robert G Carter, Duke University OIT
      • Connecting a PaaS Application to an IaaS application with a Virtual Network – Yung Chou, MS Tech Evangelist
      • Introduction to Windows Azure Virtual Machines – Keith Mayer, MS Developer Evangelist
      • Creating a SharePoint Server 2013 Environment for Development and Testing – Critical Path
      • SharePoint 2013 Developer Ramp Up – Pluralsight, Andrew Connell
  • 37. Yes You can
      • Premium Subscriber
      • Free Account in Azure
  • 38. Do it
      • Client
          - PowerShell
              • Azure cmdlets
              • Import Azure module
              • Get/set Azure publishing settings
          - Visual Studio 2012
              • Azure toolkit
              • Office Developer Tools
      • Azure
          - Affinity Group
          - Storage
          - DNS
          - Network
          - Active Directory
  • 39. SharePoint Demo
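
Slides 17, 19 and 27 separate authenticating a token from authorizing the operation it is presented for. The sketch below is an added example, not code from the deck or from SharePoint: it assumes a generic JWT-style token signed with HMAC-SHA256, and the key, issuer, audience and scope names are constructed.

```python
import base64, hashlib, hmac, json

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(claims: dict, key: bytes) -> str:
    """Stand-in for the auth server (STS): sign the claims with HMAC-SHA256."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"

def authenticate(token: str, key: bytes, audience: str, now: float) -> dict:
    """Authentication: was the token issued by the trusted STS, for us, and is it current?"""
    try:
        head, body, sig = token.split(".")
        header, claims = json.loads(_unb64(head)), json.loads(_unb64(body))
        given = _unb64(sig)
    except ValueError:
        raise PermissionError("malformed token")
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise PermissionError("malformed token")
    if header.get("alg") != "HS256":  # never let the token choose the algorithm
        raise PermissionError("unexpected algorithm")
    expected = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        raise PermissionError("bad signature")
    if claims.get("aud") != audience:
        raise PermissionError("wrong audience")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise PermissionError("expired")
    return claims

def decide(token, key, audience, needed_scope, now) -> str:
    """Authenticate first, then authorize the operation against the granted scopes."""
    try:
        claims = authenticate(token, key, audience, now)
    except PermissionError as err:
        return f"reject: {err}"
    granted = str(claims.get("scope", "")).split()
    return "allow" if needed_scope in granted else "deny: scope not granted"

# Constructed sample values, not real SharePoint or ACS identifiers.
KEY = b"constructed-demo-secret"
AUD = "https://sharepoint.example/sites/dev"
TOKEN = issue_token({"iss": "sts.example", "aud": AUD, "scope": "list.read", "exp": 2000000000}, KEY)

if __name__ == "__main__":
    print(decide(TOKEN, KEY, AUD, "list.read", now=1900000000))
```

A token that authenticates correctly can still be denied: the valet key opens only what its scopes name.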