Beginning SharePoint 2013 Development by Donovan Follette, Chris Johnson, Steve Fox

APPLICATION AUTHENTICATION

Now that you understand what application identities are and how to create and set them up in SharePoint, you can take a look at how those identities are used as part of the authentication between applications and SharePoint.

Whenever an app that is subject to external authentication needs to make an API call into SharePoint, it must first confirm that it has a valid and usable set of authentication tokens. The two key tokens are:

  • Context token
  • Access token

The context token is passed when an application is launched. It contains information about who the calling user is and details about the SharePoint site where the application was launched. The access token is used when an application makes a call to a SharePoint API.

Several steps make up the authentication flow in which these two tokens are issued and used, but five main events make up the high-level flow when a user launches an app in SharePoint:

1. User logs into SharePoint.
2. SharePoint gets a context token for the user.
3. Context token is passed to the app when launched.
4. App uses the context token to request an access token.
5. Access token is passed with API calls.
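
Steps 3 and 4 above, as an added example that is not from the book: a check an app could run on the context token it receives before using it to request an access token. It assumes the low-trust case in which the context token is a JWT signed with HMAC-SHA256 under a key derived from the app's client secret, with the claim names Microsoft documents (`aud`, `nbf`, `exp`, `refreshtoken`, `appctx`); the client id, key, realm, host names and token are constructed.

```python
import base64, hashlib, hmac, json, time

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign(key, signing_input):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def validate_context_token(token, client_id, key, now=None):
    """Return the claims only if the token is authentic, meant for this app, and current."""
    now = time.time() if now is None else now
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header, claims = json.loads(b64d(head_b64)), json.loads(b64d(body_b64))
        sig = b64d(sig_b64)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        raise ValueError("malformed token")
    # Pin the algorithm; the token must not be allowed to choose "none".
    if header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(sig, sign(key, f"{head_b64}.{body_b64}")):
        raise ValueError("bad signature")
    # aud has the form "<client id>/<app host>@<realm>": reject other apps' tokens.
    if not str(claims.get("aud", "")).lower().startswith(client_id.lower() + "/"):
        raise ValueError("wrong audience")
    if not claims.get("nbf", 0) <= now < claims.get("exp", 0):
        raise ValueError("token not valid at this time")
    return claims

def access_token_inputs(claims):
    """What step 4 needs: the refresh token and the token service URI."""
    return claims["refreshtoken"], json.loads(claims["appctx"])["SecurityTokenServiceUri"]

# Constructed sample values, not real identifiers or secrets.
CLIENT_ID, KEY, REALM = "11111111-2222-3333-4444-555555555555", b"constructed-demo-key", "realm-placeholder"

def make_sample_token(key=KEY, now=1_700_000_000, **overrides):
    claims = {"aud": f"{CLIENT_ID}/app.example.test@{REALM}", "nbf": now - 60, "exp": now + 3600,
              "refreshtoken": "constructed-refresh-token",
              "appctx": json.dumps({"SecurityTokenServiceUri": "https://sts.example.test/tokens/OAuth/2"})}
    claims.update(overrides)
    head, body = b64e(b'{"alg":"HS256","typ":"JWT"}'), b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{b64e(sign(key, f'{head}.{body}'))}"

if __name__ == "__main__":
    claims = validate_context_token(make_sample_token(), CLIENT_ID, KEY, now=1_700_000_000)
    print(access_token_inputs(claims))
```

Only after all four checks pass does the app take the refresh token and token service URI from the claims for the access token request in step 4.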

The full process for app authentication is slightly more complex, as shown in Figure 10-1. This detailed, step-by-step version of the process is explained in the following steps:

1. User requests ...