Office 365 Authentication Process (oAuth Service Integration) - iXora Tech Seminar
1. Office 365 Authentication Process
(oAuth Service Integration)
Presented By
Samaresh Das
Technical Team Lead
You have come a long way, lets go further... www.ixorasolution.com
iXora Tech Seminar
2. There are no
problems we
cannot solve
together, and
very few that
we can solve
by ourselves..
Lyndon B.
Johnson
4. 4You have come a long way, lets go further...
Defining oAuth (Open Authorization)
An Open Standard of Token-Based Authentication & Authorization on the
Internet. A Secure Authorization Protocol.
Allows an End User's Account Information to be used by Third-Party
Services (Example: Facebook) without exposing the User's Password.
Acts as an Intermediary on behalf of the End User, providing the service with
an Access Token Authorizing Specific Account Information to be shared.
6. 6You have come a long way, lets go further...
Open Authorization (oAuth) Client
Application Which wants to access user account’s credential.
Open Authorization (oAuth) Provider
Tech companies like Google Plus, Facebook, and Twitter.
Provider’s Individual User Account (Resource Owner)
Internet users having account in providers sites
Parties Involved (oAuth Service Integration)
Basically there are Three Parties involved
8. 8You have come a long way, lets go further...
When trying to access SharePoint Content with oAuth, an
Authentication Server is needed. With SP2013, this Authentication
Server can only be set up in the cloud in Azure.
oAuth in SharePoint
This Authentication Server must also be Microsoft’s implementation of
the authentication server called Azure Access Control Service
(ACS).
oAuth allows users to authorize SharePoint to provide Access
Tokens to 3rd Party Apps. 3rd party apps use the tokens to Retrieve
Data from the SharePoint Server for that user.
10. 10You have come a long way, lets go further...
oAuth Protocol Flow in SharePoint 2013
Content Server
Authentication
Server
User
Client App
8
9
1. SharePoint Authenticating user
2. SP requesting Context Token (CT)
3. ACS returning CT
4. SP passing CT to user
5. User POSTS to app passing CT
6. Client app pulling Refresh Token
out of CT
7. ACS returning OAuth Token (OT)
to client app
8. Client app making REST calls to
SP site passing OT
9. SP returning site content to app
10. Client app returning HTML to user
12. Stay in Touch
Vancouver, Canada
+1 778 223 4699
rubaet.elahi@ixorasolution.com
Farsta, Stockholm, Sweden
+46 7 608 845 11
tahmilur.rahman@ixorasolution.com
Uttara, Dhaka, Bangladesh.
+88 02 7913749, +88 02 7913620
info@ixorasolution.com
Head Office
House 12 (2nd Floor), Isa Kha
Avenue, Sector-6, Uttara,
Dhaka-1230, Bangladesh.
Phone
+88 02 7913749
+88 02 7913620
Email / Website
info@ixorasolution.com
www.ixorasolution.com
Follow us
Japan
Australia
13. Delivering
Higher Quality with Passion
Thank you for your time
ww w. i x o r a s o l u t i o n . c o m You have come a long way, lets go further...