At this stage we are done configuring the Facebook part.

Continue Configuration Steps:

• Now we need to create a signing token certificate. This is used to sign tokens issued to SharePoint Web Applications.
• Open command prompt, browse to MakeCert.exe command which can be found in the \Bin folder of the Microsoft Windows Software Development Kit (SDK) installation path.
• If MakeCert.exe is missing, then download and install Windows SDK from here
• Run the following command:

MakeCert.exe -r -pe -n "CN=mysharepointlogin.accesscontrol.windows.net" ^
-sky exchange -ss my -len 2048 -e 05/29/2014

• After the operation succeed, go to Control Panel –> Administrative Tools –> Manage Computer Certificate.
• Expand Certificates – Current User, Personal, and click on Certificate. You will find the newly created signing token certificate.

• Right Click on the new certificate go to All Tasks –> Export.
• Choose No, do not export the private key, and click next.

• Choose Base-64 encoded x,509 (.CER), and click Next.

• Save the Certificate on the Desktop, ex: "C:\Users\Administrator\Desktop\MySharePointLogin.cer"
• Go again to Control Panel –> Administrative Tools –> Manage Computer Certificate.
• Browse to the same certificate again (Current User –> Personal -> click on Certificate).
• Right Click on the new certificate go to All Tasks –> Export.
• Choose Yes, export the private key, and click next.

• Choose Personal Information Exchange –PKCS #12(.PFX) and click Next.

• Choose Password, and choose a password; remember this password as it will be used later.

• Save the Certificate on the Desktop, ex: "C:\Users\Administrator\Desktop\MySharePointLogin.pfx”

• Go to your Access Control Namespace URL:
• http://MySharePointLogin.accesscontrol.windows.net (Mine)
• http://YourNamespaceTitle.accesscontrol.windows.net (Your namespace title)
• Click on Identity Providers.

• Click Add

• Select Facebook and click Add

• Keep the Display name as default
• Enter the Application ID –> This is the Facebook Application ID and can be retrieved from your Facebook Developer Account, then go to Application Information https://developers.facebook.com/apps (Part 1).
• Enter the Application Secret –> This is the Facebook Application Secret and can be retrieved from your Facebook Developer Account, then go to Application Information https://developers.facebook.com/apps (Part 1).
• Application Permission can vary, the default is the email, for more information go to: https://developers.facebook.com/docs/reference/login/#permissions
• Login Page Text keep default.
• Click Save

• Click on Relying Party Applications from the left navigation, then click Add.

• Fill the related information for the relying party (SharePoint)
• Name –> Web Application Host Header (ex: SharePointLogin.com
• Realm –> http://WebApplicationHostHeader (ex: http://SharePointLogin.com)
• Return URL –> Http://WebApplicationHostHeader/_trust (ex: http://SharePointLogin.com/_trust)
• Token Format: SAML 1.1

• Fill the related information for the relying party (SharePoint)
• Token encryption policy –> None
• Token lifetime (secs) –> 4000
• Choose Facebook as Identity Provider.
• Check Create New Rule Group
• Browse to the certificate you exported from the previous step; choose the certificate with .PFX extension.
• Enter the password you created when you exported the certificate.
• Click Save.

• Click Rule Groups from the left navigation and then click on Default Rule Group for MySharePointLogin.com

• Click Generate

• Choose Facebook and click Generate

• Click Save

Go to Part 1

Go to Part 3