GD Bloggers

This is the blog site for Microsoft Global Delivery Communities focused in sharing the technical knowledge about devices, apps and cloud.
Follow Us On Twitter! Subscribe To Our Blog! Contact Us

Use Facebook as an Identity Provider for SharePoint 2013 – Part 3

Use Facebook as an Identity Provider for SharePoint 2013 – Part 3

  • Comments 4
  • Likes

At this stage, we are done configuring the Azure Part

Continue Configuration Steps:

  • Go to your SharePoint Farm
  • Create a new web application
    • Make sure the claim authentication will be as the following:
      • Enable Windows Authentication = Checked
      • Integrated Windows authentication = Check
      • Select NTLM
  • PS: The Facebook authentication will be enabled later

1

4

  • After creating the web application, go and create a site collection

5

  • Run the following script:
    • Red parameters need to be changed depend pon your configuration
$realm = "http://mysharepointlogin.com"
$signinurl = "https://mysharepointlogin.accesscontrol.windows.net:443/v2/wsfederation?wa=wsignin1.0&wtrealm=http%3a%2f%2fmysharepointlogin.com%2f"
$certlocation = "C:\Users\Administrator\Desktop\MySharePointLogin.cer"
$rootcertificate = Get-PfxCertificate $certlocation
New-SPTrustedRootAuthority "MSharePointLogin" -Certificate $rootcertificate
$certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certlocation)
$ClaimTypingMapping1 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "Email" -SameAsIncoming
$ClaimTypingMapping2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" -IncomingClaimTypeDisplayName "Display Name" –LocalClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
$ClaimTypingMapping3 = New-SPClaimTypeMapping -IncomingClaimType "http://www.facebook.com/claims/AccessToken" -IncomingClaimTypeDisplayName "Access Token" -SameAsIncoming
$ClaimTypingMapping4 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" -IncomingClaimTypeDisplayName "Name Identifier" –LocalClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"
$ClaimTypingMapping5 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/expiration" -IncomingClaimTypeDisplayName "Expiration" -SameAsIncoming
New-SPTrustedIdentityTokenIssuer -Name "Facebook Authentication" -Description "Facebook Identity Provider" -Realm $realm -ImportTrustCertificate $certificate -ClaimsMappings $ClaimTypingMapping1,$ClaimTypingMapping2,$ClaimTypingMapping3,$ClaimTypingMapping4,$ClaimTypingMapping5 -SignInUrl $signinurl -IdentifierClaim $ClaimTypingMapping1.InputClaimType
 
  • realm = the URI or URL that is associated with a SharePoint web application that is configured to use a SAML token-based provider (SharePoint Web application URL)
  • signinurl = Access Control Namespace URL which was created in windows Azure.
  • $certloc = Physical path for the certificate. Make sure to select the .Cer
  • $rootcert = Get the .pfx certificate root
  • New-SPTrustedRootAuthority = Creates a trusted root authority.
  • $cert = to represents an X.509 certificate.
  • $ClaimTypingMapping = map between the new claim in SharePoint with the incoming claim from ACS.
  • New-SPTrustedIdentityTokenIssuer  = Create a new Identity Provider named Facebook Authentication

 

  • After running the script successfully – > Go and select the SharePoint Web Application you created – > General Setting from the top ribbon.

7 - Copy

  • Go to Claims Authentication Section and check Facebook Authentication

6

  • Go back and select the web application –> Click User Policy

7

  • In the pop windows –> Click Add Users

8

  • Select All zones and click Next

9

  • Click Browse Users

10

  • Select All Users –> All Users (Facebook Authentication) –> Click Add –> Click OK.

11

  • Select Full read – Has Full read-only access.

12

  • Click OK

13

Go to Part 2

Go to Part 4

Comments
  • Thanks for the detailed configuration steps. Very informative!

  • fantastic article. some steps didn't work for me, but still very informative. thank you

  • I selected the SharePoint Web Application which i created
    click – > General Setting from the top ribbon but not able to
    seen
    Claims Authentication Section for add check Facebook Authentication
    can you help me

    Note :- I created web application with following all step which mention by you

  • I think have to click on Extend option instead of General settings

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment