App Authentication and server-to-server services in
SharePoint 2013 now support OAuth 2.0 authentication.
OAuth is a security protocol which enables sharing limited information between applications and services, without sharing the actual username/password credentials. Specific resources can be identified for sharing using OAuth, using a different set of credentials, which cannot be used to access other restricted information from the Application / Service.
OAuth is a security protocol which enables sharing limited information between applications and services, without sharing the actual username/password credentials. Specific resources can be identified for sharing using OAuth, using a different set of credentials, which cannot be used to access other restricted information from the Application / Service.
Apps in SharePoint 2013 use OAuth protocol to access a limited set of resources, eg access a specific list to read the items in the list.
SharePoint 2013 has a security token service (STS), which maintains the security tokens to enable server-to-server access. A trust is established between the local SharePoint Server 2013 STS and the STS of other servers, thereby enabling claim based access across servers.
The STS token is used only for temporary access that too for a specific set of limited resources, this is different from the user authentication; user authentication is done by a different claim based authentication.
To know more about the OAuth Protocol refer the post Open Authorization 2.0 (OAuth)
Related Post
SharePoint 2013 Hardware and Software Requirements
SharePoint 2013 Authentication
SharePoint 2013 Sites
SharePoint 2013 Communities
SharePoint 2013 Content
SharePoint 2013 Search
SharePoint 2013 Insight
SharePoint 2013 Composites
SharePoint 2013 Claim Based Authentication
SharePoint 2013 Support for OAuth 2.0
SharePoint 2013 Distributed Cache Service
No comments:
Post a Comment