Suyati Technologies
  • SOLUTIONS
    • BUYER RHYTHMS
      • INTEGRATE PLATFORMS
      • ANALYZE DATA
      • ENGAGE CUSTOMERS
  • INDUSTRIES
    • EDUCATION
    • PUBLISHING
    • MEDIA AND ENTERTAINMENT
    • MANUFACTURING
    • RETAIL
    • HEALTHCARE
    • START-UPS
  • PLATFORMS
    • CMS
      • EPISERVER
      • EKTRON
      • SITECORE
      • SITEFINITY
      • KENTICO
      • DRUPAL
      • WORDPRESS
      • JOOMLA
    • CRM
      • SALESFORCE
      • MICROSOFT DYNAMICS CRM
      • SUGARCRM SERVICES
    • ECOMMERCE
      • MAGENTO
      • NOPCOMMERCE
      • COMMERCE SERVER
      • OPENCART
  • TECHNOLOGY
    • MICROSOFT
      • ASP.NET
      • BIZTALK
      • SQL SERVER
      • SHAREPOINT
    • OPEN SOURCE
      • NODE.JS
      • PHP
      • PYTHON
      • RUBY ON RAILS
    • MOBILE
      • WINDOWS
      • ANDROID
      • IOS
    • CLOUD
      • FORCE.COM
      • HEROKU
      • AZURE
      • AMAZON WEB SERVICES
    • BIG DATA
      • BIG DATA SMACK
      • COUCHDB
      • MONGODB
  • TALENT
    • LIFE AT SUYATI
    • TEAM SPEAKS
    • JOB OPENINGS – USA
    • JOB OPENINGS – INDIA
  • ABOUT US
    • OUR STORY
    • ADVISORY BOARD
    • MANAGEMENT TEAM
    • PARTNERS
    • BLOG
    • PRIVACY POLICY
    • CONTACT US
    • TESTIMONIALS
    • ENGAGE WITH US
Suyati Technologies
  • SOLUTIONS
    • BUYER RHYTHMS
      • INTEGRATE PLATFORMS
      • ANALYZE DATA
      • ENGAGE CUSTOMERS
  • INDUSTRIES
    • EDUCATION
    • PUBLISHING
    • MEDIA AND ENTERTAINMENT
    • MANUFACTURING
    • RETAIL
    • HEALTHCARE
    • START-UPS
  • PLATFORMS
    • CMS
      • EPISERVER
      • EKTRON
      • SITECORE
      • SITEFINITY
      • KENTICO
      • DRUPAL
      • WORDPRESS
      • JOOMLA
    • CRM
      • SALESFORCE
      • MICROSOFT DYNAMICS CRM
      • SUGARCRM SERVICES
    • ECOMMERCE
      • MAGENTO
      • NOPCOMMERCE
      • COMMERCE SERVER
      • OPENCART
  • TECHNOLOGY
    • MICROSOFT
      • ASP.NET
      • BIZTALK
      • SQL SERVER
      • SHAREPOINT
    • OPEN SOURCE
      • NODE.JS
      • PHP
      • PYTHON
      • RUBY ON RAILS
    • MOBILE
      • WINDOWS
      • ANDROID
      • IOS
    • CLOUD
      • FORCE.COM
      • HEROKU
      • AZURE
      • AMAZON WEB SERVICES
    • BIG DATA
      • BIG DATA SMACK
      • COUCHDB
      • MONGODB
  • TALENT
    • LIFE AT SUYATI
    • TEAM SPEAKS
    • JOB OPENINGS – USA
    • JOB OPENINGS – INDIA
  • ABOUT US
    • OUR STORY
    • ADVISORY BOARD
    • MANAGEMENT TEAM
    • PARTNERS
    • BLOG
    • PRIVACY POLICY
    • CONTACT US
    • TESTIMONIALS
    • ENGAGE WITH US
Home > Blog > Authenticating SharePoint Online 2013 from a .NET Application

Authenticating SharePoint Online 2013 from a .NET Application

by Bisileesh Bhaskaran December 31, 2013
by Bisileesh Bhaskaran December 31, 2013 0 comment

Recently I got a requirement from one of our clients to develop a .NET Application that communicates with SharePoint online 2013.Since I am a newbie to SharePoint Online, I wasn’t quite sure about the way I have to authenticate the .NET app with SharePoint online 2013.And the resources were limited regarding the programmatic authentication. After spending some good time “googling” and brainstorming with few SharePoint experts in my organization, I implemented the authentication module.
And here’s the story: “How I did it”?
Claims based authentication:
SharePoint online 2013 makes use of claims based authentication.
What is this claims based authentication again?
The whole idea of claims based authentication is to free up the application from the hardship of authentication. And this is completely different from the classic “username”,” password” authentication mechanism, where the burden of authentication is been handled by the application itself.
The term Claim stands for “state or assert that something is the case, typically without providing evidence or proof”.
Claims based authentication also deals with the same idea. An identity provider/security token service issues security token for an application or service by validating credentials passed to it and these security token consist of claims in it.
And these “claims” are used for data access API’s and web services by the Relying Party/Application.
So what actually happens in claims based authentication?

  • User sends a request to access the application
  • The application sends request for token to the Identity provider (Security token service)
  • Identity provider authenticates the user
  • Gets information about the user
  • Creates the authentication token
  • Returns the authentication token to the user

The application processes the claims information from the token to check whether the user is allows to access the application or not.
A diagrammatic representation for the same is as follows:

Use of claims based authentication in SharePoint online 2013:
Now let us see how does claims based authentication works in the SharePoint online context.
A diagrammatic representation for the same is as follows:

Here the replying party is the .NET application. And Microsoft Online Security Token service is the Identity provider. Now let’s go through the steps involved in the authentication.
Step 1: Request token
Microsoft Online Security Token service is the identity provider for SharePoint online.
And it’s located at:
https://login.microsoftonline.com/extSTS.srf
To get the token from Microsoft online, STS application needs to POST a request to the above URL with valid credentials by using SAML 1.1 protocol (http://en.wikipedia.org/wiki/SAML_1.1).
Step 2: Get SAML Response
If the authentication is successful, the STS return a SAML response to the application which looks like the following:

Parse the response to get the security token from it.
Step 3: Send security token to SharePoint Online
POST the security token to SharePoint online
(http(s)://yourdomain.sharepoint.com/_forms/default.aspx?wa=wsignin1.0)
Once the security token is been validated by the SPO, it will return two cookies in the HTTP Header.
This includes FedAuth and rtFa.
Step 4: send requests to SPO with FedAuth and rtFa
Now pass these two cookies along with each request to SPO for a page or a resource or any web service.
Thus by accomplishing the above steps you will be able to authenticate your application against SharePoint online.
You can find a working .NET sample code that connects to SharePoint online from this blog post by Wictor Wilén.
Thanks to the information from:
“Headless” Authentication with SharePoint Online and the Client Side Object Model
Claim Based Authentication and WIF
Image Credits: CodeProject and WictorWilén.se

.net
0 comment
0
FacebookTwitterLinkedinTumblr
previous post
We don’t just write code; we even run marathons
next post
X’tra X’Mas Fun – A Photo Blog

You may also like

The insurer knows your driving more than you...

December 11, 2019

Dreamforce 2019: Here’s What you Missed

December 3, 2019

The Challenges of Delivering Personalized Quotes in Insurance

November 29, 2019

Here’s What the Latest Power BI Desktop Updates...

November 25, 2019

Key Takeaways from DX Summit 2019

November 20, 2019

Shravana Pulari’19 — When Onam came to Suyati...

November 8, 2019

How to optimize your CMS for better customer...

November 6, 2019

Why is Personalized Martech Gaining Popularity?

October 30, 2019

Salesforce Introduces Manufacturing Cloud- A Complete CRM Package

October 30, 2019

Sitecore to Bring in Global Experts: Symposium 2019

October 29, 2019

Leave a Comment Cancel Reply

Save my name, email, and website in this browser for the next time I comment.

Keep in touch

Twitter Linkedin Facebook Pinterest

Newsletter

Liked what you are reading?

Please prove you are human by selecting the Heart.

Recent Posts

  • The insurer knows your driving more than you think

    December 11, 2019
  • Dreamforce 2019: Here’s What you Missed

    December 3, 2019
  • The Challenges of Delivering Personalized Quotes in Insurance

    November 29, 2019

Categories

Newsletter

Liked what you are reading?

Please prove you are human by selecting the Car.

  • Twitter
  • Linkedin
  • Facebook
  • Instagram
  • SOLUTIONS
    • BUYER RHYTHMS
      • INTEGRATE PLATFORMS
      • ANALYZE DATA
      • ENGAGE CUSTOMERS
  • INDUSTRIES
    • EDUCATION
    • PUBLISHING
    • MEDIA AND ENTERTAINMENT
    • MANUFACTURING
    • RETAIL
    • HEALTHCARE
    • START-UPS
  • PLATFORMS
    • CMS
      • EPISERVER
      • EKTRON
      • SITECORE
      • SITEFINITY
      • KENTICO
      • DRUPAL
      • WORDPRESS
      • JOOMLA
    • CRM
      • SALESFORCE
      • MICROSOFT DYNAMICS CRM
      • SUGARCRM SERVICES
    • ECOMMERCE
      • MAGENTO
      • NOPCOMMERCE
      • COMMERCE SERVER
      • OPENCART
  • TECHNOLOGY
    • MICROSOFT
      • ASP.NET
      • BIZTALK
      • SQL SERVER
      • SHAREPOINT
    • OPEN SOURCE
      • NODE.JS
      • PHP
      • PYTHON
      • RUBY ON RAILS
    • MOBILE
      • WINDOWS
      • ANDROID
      • IOS
    • CLOUD
      • FORCE.COM
      • HEROKU
      • AZURE
      • AMAZON WEB SERVICES
    • BIG DATA
      • BIG DATA SMACK
      • COUCHDB
      • MONGODB
  • TALENT
    • LIFE AT SUYATI
    • TEAM SPEAKS
    • JOB OPENINGS – USA
    • JOB OPENINGS – INDIA
  • ABOUT US
    • OUR STORY
    • ADVISORY BOARD
    • MANAGEMENT TEAM
    • PARTNERS
    • BLOG
    • PRIVACY POLICY
    • CONTACT US
    • TESTIMONIALS
    • ENGAGE WITH US

© 2019 Suyati Technologies


Back To Top
Suyati Technologies

Popular Posts

  • 1

    What are the Top 3 risks for implementing a CX Program?

    August 30, 2019
  • 2

    How to build Employee Advocacy for your Business?

    September 3, 2019
  • 3

    Do you need a separate CX Team at your company?

    September 2, 2019
  • 4

    What is Salesforce CRM and what does it do?

    February 19, 2014
  • 5

    The Changing Face of Customer Engagement with AI

    August 9, 2019
© 2019 Suyati Technologies

Read alsox

The Gartner Symposium Blogs – Day 1

October 22, 2013

Why are Enterprises Falling Over Apache Kudu – The latest...

August 1, 2017

Big data, Python and the fight against Human Trafficking

December 3, 2015
Suyati Logo

Technology Insights. Delivered.

Know more about business technology platforms for your enterprise.

Thank you!

We're glad to have you as part of our community. Please feel free to contact us anytime with feedback or suggestions.

Suyati Logo

Leaving So Soon?

Know more about business technology platforms for your enterprise.

Thank you!

We're glad to have you as part of our community. You'll start receiving updates shortly. Please feel free to contact us anytime with feedback or suggestions.

By continuing to use this website you agree with our use of cookies. Read More Agree