See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
SharePoint serendipity is the effect by which one accidentally discovers something fortunate, especially while looking for something else entirely. In this case, it is the occassional musings, observations, and Ouija board readings about the phabulously
Office Web Apps
Visual Studio 2010
Visual Studio 2012
Windows Phone 7
Windows Phone 8
Browse by Tags
Access Denied Error with App Only Access Token When Reading Profile Info
This is yet another rather strange error that I ran across and couldn't find any info out on the interwebs about it so I though I would document it here. Suppose you have a SharePoint App that needs to access some User Profile information. You will probably use the PeopleManager class and ask for...
25 Jul 2014
SAML Support for SharePoint-Hosted Apps with ADFS 3.0
This is another case where I'm just passing information along here, based on the great work of others. As you probably know, we did not have a good story for SharePoint-hosted apps in web application that uses SAML authentication with ADFS 2.0. However, I have had reports from a couple of different...
19 May 2014
Changes To Know About When Your SharePoint STS Token Signing Certificate Expires - the Impact to Your High Trust Applications
This is a another follow up to my earlier post on changing the token signing certificate for the SharePoint STS as described here: http://blogs.technet.com/b/speschka/archive/2014/05/06/updating-trust-between-onprem-farms-and-acs-for-apps-when-your-sharepoint-sts-token-signing-certificate-expires.aspx...
12 May 2014
Missing Context Token in Low Trust App with SharePoint 2013 - Part 2
As I noted in my first post on this topic - http://blogs.technet.com/b/speschka/archive/2013/05/28/missing-context-token-in-low-trust-app-with-sharepoint-2013.aspx - you may find yourself in a low trust app without a context token, which basically leaves you up the creek without a paddle. I ran across...
8 May 2014
Create a List in the Host Web When Your SharePoint App is Installed...and Remove it from the Recent Stuff List
This is one of those questions that I've seen asked a lot but for some reason I've never really seen anyone post an answer to it. I did a quick Bing search before writing this post but didn't really see anything up there so I'm going to go out on a bit of a limb and guess that maybe there's...
7 May 2014
Updating Trust Between OnPrem Farms and ACS for Apps When Your SharePoint STS Token Signing Certificate Expires
For those of you who are "in the app way" with SharePoint 2013 (no, not a lot different from being "in the pregnant way", as they say), you'll reach that point sooner or later where the token signing certificate for your SharePoint STS expires if you are using low trust apps on...
6 May 2014
Converting a VS.NET Web for a Provider Hosted SharePoint App to a Full Blown Web or Console Application
This post is yet another in my series of "how long of a post title I can come up with and still not convey the actual essence of the post" contest. I'm sure you've all been following along at home and are thrilled to see another entry, but it was either this or create a title with like 63 words in it...
13 Jun 2013
Another 401 Unauthorized Tip for Working with SharePoint Apps
I've tried to update the related postings to this, but sometimes you need a call out to make sure it catches your attention so...here's another troubleshooting tip for when you get a 401 unauthorized error when your app tries to access SharePoint content. Suppose you have gotten everything working and...
3 Jul 2013
Security in SharePoint Apps - Part 3
PREVIOUS: Security in SharePoint Apps - Part 2 In the first two parts of this series we looked at what an App Principal is and what the security context is that we use when a request comes into SharePoint. Now that we have those basic components of the framework defined, let’s talk a little...
30 Jul 2013
Getting the Current User Identity in a Low Trust App in SharePoint 2013
Today's post comes primarily because it's a common question, but not because it's a particularly brilliant answer; maybe just a bit unexpected. If you followed the some of the differences between low trust and high trust apps in SharePoint, you will know that in a low trust app, SharePoint knows who...
20 Nov 2013
Security in SharePoint Apps - Part 7
PREVIOUS: Security in SharePoint Apps – Part 6 In this part of the series, I’m going to shift gears a bit and talk about high trust apps and the plumbing that goes along with them. As I’ve explained somewhat earlier in this series, one of the big differences between low trust and...
2 Aug 2013
Using SharePoint Apps with SAML and FBA Sites in SharePoint 2013
Hopefully by now everyone has heard about the new app model in SharePoint 2013. There’s a lot of documentation out there about it so I won’t go into exactly what it is. What you should know is that it’s the preferred model for developing applications going forward. If you’ve done...
7 Dec 2012
How To Control App Token Lifetimes in SharePoint 2013
Today's post is the first selection from the little twitter contest I announced on the Share-n-Dipity blog a few days ago: http://blogs.technet.com/b/speschka/archive/2013/09/04/use-social-tools-to-tell-me-what-you-want-to-see-here-next.aspx . Shariq wanted to know more about the lifetime for high trust...
12 Sep 2013
Security in SharePoint Apps - Part 4
PREVIOUS: Security in SharePoint Apps – Part 3 In Part 3 I talked about how SharePoint sends over a context token with the request for an App when using low trust (this does NOT come over to a high trust app). It’s worth looking at what a context token is, and how we compare that to a...
30 Jul 2013
Planning the Infrastructure Required for the new App Model in SharePoint 2013
SharePoint 2013 brings with it a brand new application model, which we euphemistically refer to as the “app model” or “cloud app model”. While it brings a whole new set of opportunities from a development perspective, it also carries with it infrastructure requirements that you...
3 Sep 2012
Missing Context Token in Low Trust App with SharePoint 2013
Should you decide that you want to write low trust apps for an on-premises SharePoint 2013 farm, there are a number of hoops you should expect to jump through (NOTE: this assumes the SPNs for your web apps are already configured in the MsolServicePrincipal for your o365 tenant): Create a new app...
29 May 2013
Security in SharePoint Apps - Part 8
PREVIOUS: Security in SharePoint Apps – Part 7 For this, the very last in the series, I just wanted to briefly talk at a high level about the process you should be doing when developing an App for a SharePoint site that uses SAML (or FBA for that matter). I’ve already written a detailed...
2 Aug 2013
When Do Your Apps Need AppRegNew.aspx in SharePoint 2013
I had a nice question today from my good friend Bala, who was working on some app stuff and talking to me about AppRegNew.aspx. We have a nice article on how to use this here: http://msdn.microsoft.com/en-us/library/jj860570.aspx, which is talking about packaging up your applications. The minor disconnect...
19 Feb 2013
Using REST Services with a Provider Hosted App in SharePoint 2013
Today's topic seems straightforward enough, right? There's lots of documentation all over the interwebs about how to do this so should be a piece of cake. Well, as it turns out, when I did this a couple of weeks ago I found that there is a lot of missing information, misleading information, and in some...
11 Apr 2013
Security in SharePoint Apps - Part 2
PREVIOUS: Security in SharePoint Apps - Part 1 In Part 1 of this series I described how to think about an App Principal, and I mentioned that it is one of the main actors in determining who has rights to what content. The other actor, of course, is the User Principal. Between the two though, there...
29 Jul 2013
Security in SharePoint Apps - Part 1
I recently put together a session around security in SharePoint Apps. There seems to be enough content on this topic to keep people on their toes at all times, so I decided to try and assemble all this information all in one place on this blog with a series of posts. Most of this information is scattered...
29 Jul 2013
Another Apps for SharePoint Tip with the Error "The issuer of the token is not a trusted issuer"
I was working on a build of SharePoint that is post beta 2 today, and found that one of my custom high trust apps I had built would no longer work. In looking at the ULS logs I was getting the dreaded "The issuer of the token is not a trusted issuer" error message. I think this is the equivalent of ...
28 Sep 2012
An Important Tip About Client ID Values for S2S Apps in SharePoint 2013
Here's something that might cost you a TON of time if you aren't careful, so please take a few minutes to read this. You should be seeing some documentation pretty shortly that describes how to create what we call an S2S application, which means Server to Server trust application. You will also see this...
29 Jul 2012
Debugging SharePoint Apps That Are Hosted In Windows Azure Web Sites
Today, I'm going to be the lazy human I'm so frequently accused of being by my somewhat faithful dog Shasta, and bring together two posts written by two other folks into one uber "ain't it cool how this all works together post" by me. Here are the two concepts we're combining today: Publishing...
25 Nov 2013
Security in SharePoint Apps - Part 5
PREVIOUS: Security in SharePoint Apps – Part 4 As promised in Part 4, there’s actually a very interesting type of application that you don’t even install in a site collection. How can this be you ask…well let’s talk about it. With most apps, you have to deploy it...
31 Jul 2013
© 2014 Microsoft Corporation.
Privacy & Cookies