KEMBAR78
Oauth - Brief Introduction | PPTX
James Tramel, profile picture
Uploaded byJames Tramel
PPTX, PDF467 views

Oauth - Brief Introduction

The document outlines a presentation on SharePoint authentication and authorization, focusing on the differences between OAuth and OpenID. It discusses key concepts such as claims, app authentication, and the deprecated classic method. The document includes a basic demo and references several sources for further information.

Download to read offline
1118 West Main Street Richmond, Virginia 23220 804.355.0511 ©2012 CapTech Ventures www.captechconsulting.com Tri-State SharePoint Auth in 2013 James Tramel December 11, 2012
©2012 CapTech Ventures, Inc. All rights reserved. Agenda Intro 2013 Auth Authorization vs Authentication Oauth The Dance Basic Demo SharePoint Demo
©2012 CapTech Ventures, Inc. All rights reserved. SP 2013 Auth Claims, Claims, Claims (Kerberos, SAML, Forms) • Classic is being deprecated (see InfoPath) • Convert-SpWebApplication • Distributed Cache Server to Server • Exchange, Lync App Authentication (App Model / App Catalog / CSOM) • Create apps that use Oauth, VS auto gen Client ID and client secret • App Permission Policies (User/App, App Only, User Only) Page 3
©2012 CapTech Ventures, Inc. All rights reserved. Authentication vs Authorization Page 4 Authentication is the verification of the credentials of the connection attempt •Who is the user? •Is the user really who he/she represents himself to be? Authorization is the verification that the connection attempt is allowed •Is user X authorized to access resource R? •Is user X authorized to perform operation P? •Is user X authorized to perform operation P on resource R?
©2012 CapTech Ventures, Inc. All rights reserved. Oauth • OAuth is an open standard for authorization • OAuth is not OpenID (authentication/digital ID) • Valet Key • Access Token • Scopes Page 5
©2012 CapTech Ventures, Inc. All rights reserved. The Dance Page 6
©2012 CapTech Ventures, Inc. All rights reserved. BCS Hybrid and Oauth – The Dance (Example) Page 7
©2012 CapTech Ventures, Inc. All rights reserved. Demo Page 8
©2012 CapTech Ventures, Inc. All rights reserved. SharePoint Demo Page 9
©2012 CapTech Ventures, Inc. All rights reserved. References • Technet, MSDN, Wikipedia • Robert G Carter, Duke Uniersity OIT Page 10

More Related Content

PPT
SSO_Good_Bad_Ugly
bySteve Markey
 
PPTX
Reduce, Reuse, Recycle: How Moneysupermarket.com Created APIs Without Startin...
byCA API Management
 
PPT
Maximizing PayPal's New Identity Services to Create Seamless and Safe User Ex...
byPayPalX Developer Network
 
PPTX
Federation Services
byEmpowerID
 
PPTX
OAuth Assisted Token Flow for Single Page Applications
byNordic APIs
 
PPTX
What is portal vs website
byAnil Kumar
 
PPT
Kerberos and WebVoyage
byRick Silterra
 
PPTX
MH Trailblazer Group - Understanding SSO Solution for Salesforce
bysonumanoj
 
SSO_Good_Bad_Ugly
bySteve Markey
 
Reduce, Reuse, Recycle: How Moneysupermarket.com Created APIs Without Startin...
byCA API Management
 
Maximizing PayPal's New Identity Services to Create Seamless and Safe User Ex...
byPayPalX Developer Network
 
Federation Services
byEmpowerID
 
OAuth Assisted Token Flow for Single Page Applications
byNordic APIs
 
What is portal vs website
byAnil Kumar
 
Kerberos and WebVoyage
byRick Silterra
 
MH Trailblazer Group - Understanding SSO Solution for Salesforce
bysonumanoj
 

Similar to Oauth - Brief Introduction

PPTX
Oauth and SharePoint 2013 Provider Hosted apps
byJames Tramel
 
PPTX
Understanding SharePoint Apps, authentication and authorization infrastructur...
bySPC Adriatics
 
PPTX
SharePoint Saturday Austin - Share point authentication and authorization
byLiam Cleary [MVP]
 
PDF
SPCA2013 - It’s Me, and Here’s My ProofIdentity & Authentication in SharePoin...
byNCCOMMS
 
PPTX
What's New for IT Professionals in SharePoint Server 2013
byCTE Solutions Inc.
 
PPTX
Kerberos part 1
bySpencer Harbar
 
PPT
Tech Ed 2006 South East Asia Security And Compliance by Joel Oleson
byJoel Oleson
 
PPTX
What’s New for IT Professionals in Microsoft® SharePoint® Server 2013 Day 1
bySayed Ali
 
PDF
Everything you should know about SharePoint OAuth! - Lieven Iliano
byBIWUG
 
PPTX
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
byAntonioMaio2
 
PDF
Who Are You and What Do You Want? Working with OAuth in SharePoint 2013.
byEric Shupps
 
PPTX
SPCA2013 - Developing Provider-Hosted Apps for SharePoint 2013
byNCCOMMS
 
PPTX
Securing SharePoint Apps with OAuth
byKashif Imran
 
Oauth and SharePoint 2013 Provider Hosted apps
byJames Tramel
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
bySPC Adriatics
 
SharePoint Saturday Austin - Share point authentication and authorization
byLiam Cleary [MVP]
 
SPCA2013 - It’s Me, and Here’s My ProofIdentity & Authentication in SharePoin...
byNCCOMMS
 
What's New for IT Professionals in SharePoint Server 2013
byCTE Solutions Inc.
 
Kerberos part 1
bySpencer Harbar
 
Tech Ed 2006 South East Asia Security And Compliance by Joel Oleson
byJoel Oleson
 
What’s New for IT Professionals in Microsoft® SharePoint® Server 2013 Day 1
bySayed Ali
 
Everything you should know about SharePoint OAuth! - Lieven Iliano
byBIWUG
 
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
byAntonioMaio2
 
Who Are You and What Do You Want? Working with OAuth in SharePoint 2013.
byEric Shupps
 
SPCA2013 - Developing Provider-Hosted Apps for SharePoint 2013
byNCCOMMS
 
Securing SharePoint Apps with OAuth
byKashif Imran
 

More from James Tramel

PPTX
DevOps Kata Modern Debugging
byJames Tramel
 
PDF
MS Cloud Design Patterns Infographic 2015
byJames Tramel
 
PPTX
Microsoft and DevOps
byJames Tramel
 
PPTX
SharePoint 2013 Apps and the App Model
byJames Tramel
 
PPTX
Office 365 and SharePoint
byJames Tramel
 
PPTX
Forefront UAG
byJames Tramel
 
PPTX
Information architecture in share point 2010
byJames Tramel
 
PPTX
Sharepoint and SQL Server 2012
byJames Tramel
 
DevOps Kata Modern Debugging
byJames Tramel
 
MS Cloud Design Patterns Infographic 2015
byJames Tramel
 
Microsoft and DevOps
byJames Tramel
 
SharePoint 2013 Apps and the App Model
byJames Tramel
 
Office 365 and SharePoint
byJames Tramel
 
Forefront UAG
byJames Tramel
 
Information architecture in share point 2010
byJames Tramel
 
Sharepoint and SQL Server 2012
byJames Tramel
 

Recently uploaded

PDF
The invisible key: Securing the new attack vector of OAuth tokens
byGianluca Varisco
 
PDF
A fool with a tool is still a fool - Plone Conference 2025
byAndreas Jung
 
PDF
Unlocking Full-Stack Observability for AIOps: A Precisely Ironstream for Big ...
byPrecisely
 
PDF
Expert Python App Development Company for Modern Enterprises
bySynapseIndia
 
PDF
Planetek Italia Corporate Profile brochure
byPlanetek Italia Srl
 
PPTX
"The Art of Web Scraping: Tree Algorithms and JS Magic", Dmytro Tarasenko
byFwdays
 
PDF
Rivian's Push Notification Sub Stream with Mega Filter by Marcus Kim & Saahil...
byScyllaDB
 
PDF
What is Google Cloud Platform (GCP)? A 5-Minute Guide for Beginners (2025)
byTeleglobal International
 
PDF
Ask Me Anything About AI Assist: Practical Answers for Real Workflows
bySafe Software
 
PDF
Fairness and Bias in AI Ethics and Explainability
byShiwani Gupta
 
PDF
Atlantix is an AI-first venture studio, building companies with AI at the core
byadmin625551
 
PDF
Getting the Best of TrueDEM – October News & Updates
bypanagenda
 
PPTX
Agentic AI Solutions and Services | Aeologic
byankitaeologic
 
PPTX
"Daily workflows with Cursor IDE", Maksym Anisimov
byFwdays
 
PDF
2025 October Patch Tuesday
byIvanti
 
PDF
Session 2 - Agentic Orchestration with UiPath Maestro
byDianaGray10
 
PDF
Ethical Initiatives in AI and accountability.pdf
byShiwani Gupta
 
PDF
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PDF
AGV PROTOCOL BRAND KIT COMPLETE VIEW.pdf
byfagbolade
 
The invisible key: Securing the new attack vector of OAuth tokens
byGianluca Varisco
 
A fool with a tool is still a fool - Plone Conference 2025
byAndreas Jung
 
Unlocking Full-Stack Observability for AIOps: A Precisely Ironstream for Big ...
byPrecisely
 
Expert Python App Development Company for Modern Enterprises
bySynapseIndia
 
Planetek Italia Corporate Profile brochure
byPlanetek Italia Srl
 
"The Art of Web Scraping: Tree Algorithms and JS Magic", Dmytro Tarasenko
byFwdays
 
Rivian's Push Notification Sub Stream with Mega Filter by Marcus Kim & Saahil...
byScyllaDB
 
What is Google Cloud Platform (GCP)? A 5-Minute Guide for Beginners (2025)
byTeleglobal International
 
Ask Me Anything About AI Assist: Practical Answers for Real Workflows
bySafe Software
 
Fairness and Bias in AI Ethics and Explainability
byShiwani Gupta
 
Atlantix is an AI-first venture studio, building companies with AI at the core
byadmin625551
 
Getting the Best of TrueDEM – October News & Updates
bypanagenda
 
Agentic AI Solutions and Services | Aeologic
byankitaeologic
 
"Daily workflows with Cursor IDE", Maksym Anisimov
byFwdays
 
2025 October Patch Tuesday
byIvanti
 
Session 2 - Agentic Orchestration with UiPath Maestro
byDianaGray10
 
Ethical Initiatives in AI and accountability.pdf
byShiwani Gupta
 
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
AGV PROTOCOL BRAND KIT COMPLETE VIEW.pdf
byfagbolade
 

Oauth - Brief Introduction

  • 1.
    1118 West MainStreet Richmond, Virginia 23220 804.355.0511 ©2012 CapTech Ventures www.captechconsulting.com Tri-State SharePoint Auth in 2013 James Tramel December 11, 2012
  • 2.
    ©2012 CapTech Ventures,Inc. All rights reserved. Agenda Intro 2013 Auth Authorization vs Authentication Oauth The Dance Basic Demo SharePoint Demo
  • 3.
    ©2012 CapTech Ventures,Inc. All rights reserved. SP 2013 Auth Claims, Claims, Claims (Kerberos, SAML, Forms) • Classic is being deprecated (see InfoPath) • Convert-SpWebApplication • Distributed Cache Server to Server • Exchange, Lync App Authentication (App Model / App Catalog / CSOM) • Create apps that use Oauth, VS auto gen Client ID and client secret • App Permission Policies (User/App, App Only, User Only) Page 3
  • 4.
    ©2012 CapTech Ventures,Inc. All rights reserved. Authentication vs Authorization Page 4 Authentication is the verification of the credentials of the connection attempt •Who is the user? •Is the user really who he/she represents himself to be? Authorization is the verification that the connection attempt is allowed •Is user X authorized to access resource R? •Is user X authorized to perform operation P? •Is user X authorized to perform operation P on resource R?
  • 5.
    ©2012 CapTech Ventures,Inc. All rights reserved. Oauth • OAuth is an open standard for authorization • OAuth is not OpenID (authentication/digital ID) • Valet Key • Access Token • Scopes Page 5
  • 6.
    ©2012 CapTech Ventures,Inc. All rights reserved. The Dance Page 6
  • 7.
    ©2012 CapTech Ventures,Inc. All rights reserved. BCS Hybrid and Oauth – The Dance (Example) Page 7
  • 8.
    ©2012 CapTech Ventures,Inc. All rights reserved. Demo Page 8
  • 9.
    ©2012 CapTech Ventures,Inc. All rights reserved. SharePoint Demo Page 9
  • 10.
    ©2012 CapTech Ventures,Inc. All rights reserved. References • Technet, MSDN, Wikipedia • Robert G Carter, Duke Uniersity OIT Page 10