Team blog of MCS @ Middle East and Africa

This blog is created by the Microsoft MEA HQ near-shoring team and aims to share knowledge with the IT community. Covering both infrastructure and development, it brings you proven best practices and real-world experiences from subject matter experts.

Use Facebook as an Identity Provider for SharePoint 2013 – Part 1


Introduction:

This blog post describes in detail how to use Facebook as an identity provider to log in to your SharePoint application.

There are many ways to integrate your SharePoint application with Facebook: you can develop your own authentication and authorization mechanisms for your SharePoint application, or you can use Windows Azure Access Control Service (ACS), which provides an easy way of authenticating users who need to access your SharePoint application.

How does ACS work with SharePoint and Facebook?

Steps

  1. The user requests authentication against a relying party (in our case, a SharePoint web application) and chooses the required identity provider from a dropdown list.
  2. The user is redirected to the chosen identity provider (Facebook in our case).
  3. The user enters his/her username and password.
  4. Facebook generates a security token that holds claims and other properties, and sends it to the user.
  5. Facebook redirects the user to ACS, and the user sends the generated security token to ACS.
  6. ACS validates the security token and generates a new security token.
  7. ACS redirects the user to the SharePoint web application and sends the new security token to the user.
  8. The user sends the security token to the SharePoint web application.
  9. The SharePoint application validates the security token and then redirects the user to the required page.
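The trust chain in steps 4 to 9 can be modelled in a few lines. This is an added example, not code from the original post or from ACS, Facebook or SharePoint: the keys, the party names (`facebook`, `acs`, `sharepoint`) and the token format are constructed, and HMAC stands in for the real token signatures. It shows why the relying party accepts only a token that ACS issued for it, and rejects the identity provider's token if it is presented directly.

```python
import base64, hashlib, hmac, json, time

# Constructed keys and party names for this toy model. HMAC stands in for the
# real token signatures; none of these values come from ACS, Facebook or SharePoint.
IDP_KEY = b"constructed-idp-signing-key"   # known to the identity provider and ACS
ACS_KEY = b"constructed-acs-signing-key"   # known to ACS and the relying party

def issue(key, issuer, audience, claims, ttl=300):
    """Build a signed token: base64(JSON body) + "." + HMAC-SHA256 hex digest."""
    body = {"iss": issuer, "aud": audience, "exp": time.time() + ttl, "claims": claims}
    payload = base64.urlsafe_b64encode(json.dumps(body).encode())
    return payload + b"." + hmac.new(key, payload, hashlib.sha256).hexdigest().encode()

def validate(token, key, issuer, audience):
    """Return the claims only if signature, issuer, audience and expiry all check out."""
    payload, _, sig = token.partition(b".")
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    body = json.loads(base64.urlsafe_b64decode(payload))
    if body["iss"] != issuer:
        raise ValueError("untrusted issuer")
    if body["aud"] != audience:
        raise ValueError("wrong audience")
    if body["exp"] < time.time():
        raise ValueError("token expired")
    return body["claims"]

def idp_login(user):
    """Step 4: the identity provider issues a token addressed to ACS."""
    return issue(IDP_KEY, "facebook", "acs", {"name": user})

def acs_exchange(idp_token):
    """Step 6: ACS validates the provider's token and issues a new one for SharePoint."""
    claims = validate(idp_token, IDP_KEY, issuer="facebook", audience="acs")
    return issue(ACS_KEY, "acs", "sharepoint", claims)

def sharepoint_login(acs_token):
    """Step 9: the relying party accepts only tokens ACS issued for it."""
    return validate(acs_token, ACS_KEY, issuer="acs", audience="sharepoint")

if __name__ == "__main__":
    print(sharepoint_login(acs_exchange(idp_login("alice"))))  # full chain
    try:
        sharepoint_login(idp_login("alice"))  # skipping ACS must fail
    except ValueError as err:
        print("rejected:", err)
```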

 

Configuration Steps:

PS: I will assume you have only a configured SharePoint machine, connected to the internet.

First of all, let us create a Windows Azure account:

  • Click on Sign up for a free trial.
  • Choose your country and click the next arrow.
  • Enter your mobile number and click on send text message; wait 5 minutes, and you will receive a verification code.
  • Enter your verification code and click on verify code, then click the next arrow.
  • Enter your credit card and your billing information (you will not be charged for this; remember, the first 90 days are FREE).
  • Click Next.
  • Click on Portal on the top right of the page.
  • Click on ACTIVE DIRECTORY in the left navigation, then click on ACCESS CONTROL NAMESPACES.
  • Click on CREATE A NEW NAMESPACE.
  • Fill in the namespace (I named it MySharePointLogin; you can choose your own namespace) and click create.
  • The URL of your Access Control Namespace will look like this:
    • http://MySharePointLogin.accesscontrol.windows.net (Mine)
    • http://YourNamespaceTitle.accesscontrol.windows.net (Your namespace title)

 

 

 

  • Now go to Facebook Developer: http://developers.facebook.com
  • Sign in using your Facebook username and password.
  • Click on App in the top navigation.
  • Click Create New App.
  • Fill in the required information and click Continue.
  • Complete the required CAPTCHA.
  • Enter the Access Control Namespace URL in the Site URL field, and click Save.
  • PS: You will need the App ID and App Secret in the next phase.

 

Go to Part 2

Comments
  • What are the steps if I want to make the identity provider to be another ASP.NET web application instead of Facebook?
