
Server-to-Server Authentication in SharePoint 2013

Posted By: Destin Joy     Category: Sharepoint 2010     Views: 426391

Many of the features in SharePoint 2013 rely on the sharing of information between a SharePoint server farm and other server platforms. These platforms can include the following:

Office Web Apps Server 2013. This provides browser-based viewing and editing of Microsoft Office documents that are stored in SharePoint sites.

Exchange Server 2013. Many records management and project management features in SharePoint rely on integration with

Lync Server 2013. SharePoint 2013 provides close integration with Lync Server for presence information, and enables users to connect with colleagues from the SharePoint user interface.

Azure Workflow Server. Workflows in SharePoint 2013 rely on the Windows Azure workflow engine. The Windows Azure Workflow Manager component may be external to the SharePoint server farm.

Other SharePoint Server Farms. In some cases, you will want to share SharePoint service applications across multiple SharePoint server farms.

In each of these scenarios, the process relies on a trust relationship between the SharePoint server farm and the external server platform. After you have configured a trust relationship, the server platforms use a protocol based on the OAuth 2.0 standard to provide authorized access to resources.


Trust relationships

When you plan for trust relationships between server platforms, you must consider the direction of the trust relationship. From the perspective of your SharePoint deployment, trust relationships can be incoming or outgoing:

Incoming trust scenario. If your Exchange Server deployment requests data from your SharePoint Server deployment, this is an incoming trust scenario. To use this scenario, you must configure the SharePoint deployment to trust the Exchange deployment.

Outgoing trust scenario. If your SharePoint Server deployment requests data from your Exchange Server deployment, this is an outgoing trust scenario. To use this scenario, you must configure the Exchange deployment to trust the SharePoint deployment.

In essence, trust relationships are always unidirectional. On each participating server platform, you configure trust relationships only to support incoming requests. If two server platforms both request data from each other, you configure a trust relationship to support incoming requests on each server platform.

You can configure a trust relationship in two ways:

Certificate exchange. You can export the token signing certificate from the server you want to trust, import the certificate onto the server that will serve incoming server-to-server requests, and use the certificate to register the server you want to trust as a trusted security token issuer.

JSON metadata endpoint. SharePoint 2013 and Exchange 2013 expose a JavaScript Object Notation (JSON) metadata endpoint. This endpoint provides an identifier for the server's STS, together with a serialized version of the token signing certificate. You can use this endpoint to register a trusted security token issuer without manually exporting and importing the certificate.
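The two registration methods above, sketched for an incoming trust on the SharePoint side. This is an added example, not code from the original article: the host name, file path, issuer names, thumbprint and registered issuer name are placeholders, and the Exchange metadata URL shown is an assumption about the partner deployment.

```powershell
# Added example. Run in the SharePoint 2013 Management Shell on the farm that
# will serve the incoming server-to-server requests.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$useMetadataEndpoint = $true   # choose one method per trusted issuer

if (-not $useMetadataEndpoint) {
    # Method 1: certificate exchange.
    # The token signing certificate was exported on the server to be trusted
    # and copied to this path (placeholder).
    $certPath = 'C:\certs\partner-sts.cer'
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)

    # Confirm the file is the certificate the partner administrator exported
    # before trusting it: compare against a thumbprint obtained out of band.
    $expectedThumbprint = '<THUMBPRINT-FROM-PARTNER-ADMIN>'   # placeholder
    if ($cert.Thumbprint -ne $expectedThumbprint) {
        throw "Thumbprint mismatch: got $($cert.Thumbprint). Not registering issuer."
    }

    New-SPTrustedSecurityTokenIssuer -Name 'PartnerSTS' `
        -Certificate $cert `
        -RegisteredIssuerName '<ISSUER-ID>@<REALM>'           # placeholder
}
else {
    # Method 2: JSON metadata endpoint.
    # The farm reads the issuer identifier and signing certificate from the
    # endpoint, so whatever answers at this URL becomes trusted. Use HTTPS
    # with a certificate this server validates, never plain HTTP.
    $metadataUrl = 'https://exchange.example.com/autodiscover/metadata/json/1'
    if (-not $metadataUrl.StartsWith('https://')) {
        throw 'Metadata endpoint must be fetched over HTTPS.'
    }

    New-SPTrustedSecurityTokenIssuer -Name 'Exchange' -MetadataEndPoint $metadataUrl
}

# Review what the farm now trusts for incoming requests.
Get-SPTrustedSecurityTokenIssuer |
    Select-Object Name, RegisteredIssuerName,
        @{ Name = 'Thumbprint'; Expression = { $_.SigningCertificate.Thumbprint } }
```

Because trust is configured only for incoming requests, the matching registration for the opposite direction is made on the other platform with that platform's own tooling.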



Destin Joy
Destin Joy author of Server-to-Server Authentication in SharePoint 2013 is from Pathanamthitta, India. Destin Joy says

 Hello Everyone,

I am Destin Joy from India. I have MCPD in SharePoint 2010, MCTS SharePoint 2010 application development and MCTS in SharePoint 2007. I am mostly working in the core part of SharePoint (2010-2007) and am passionate about new Microsoft technologies. Born and brought up in Kerala. You can reach me at Destin.Joy@hotmail.com

