I am trying to get multiple identity providers (Google, Facebook, multiple ADFS) working with a SharePoint 2013 web application provisioned on Office 365.
I know about options related to ADFS and Shibboleth, but am wondering if there is any way to get Azure ACS to handle the authentication for this web app. I do have an on-premise SharePoint 2013 web application working with Azure ACS, but don’t have much info around how to do the same thing with Office 365 or if it’s even possible.
Not supported (yet).
Given that Office 365 use Windows Azure AD, we can hope that ACS support will come one day.
Related
I have a SharePoint Online application that access an API the reside outside my network and one of our Azure. This API is accessibly through public. I am using this API to access data in my SQL server, with this I am worried that my API is not secure and I am wonder what are the things I can do to secure my API so that no only users logged in to our SharePoint can use it.
There are several ways in which you can secure it. These ways vary in complexity and each have their specific considerations.
Secure an API with Azure AD
If you're using Office 365, securing custom APIs using Azure AD is an architectural option that you should definitely consider. First and foremost, it allows you to secure the access to the API using existing organizational credentials that are already managed through Office 365 and Azure AD. Users with an active account can seamlessly work with applications that leverage APIs secured with Azure AD. Azure AD administrators can centrally manage access to the API, the same way they manage access to all other applications registered with Azure AD.
More info: here
I want to use office 365 api to open and edit the documents stored on my server.
How can i upload files from my server to office 365 account without knowing to end user i.e. without asking the credential to end user.
What i want to do is when there's any open request will upload that file to my office 365 business account and will open that in office online or from office 365 api.
How can i achieve this from my asp.net MVC application.
Can i use WOPI here.
Any sample example will be appreciated.
If you want to view or edit your Office files in a web browser, you should deploy an instance of Office Online Server (Office Web Apps) and implement a WOPI host.
You most certainly SHOULD NOT go the way you suggested - uploading documents to Office 365 via API and somehow figuring out their view/edit URLs. (In this case you wouldn't need to implement the WOPI workflow but it's total nonsense.)
If you need some .NET examples, check out my other answer.
If you want to learn more about MS-WOPI and related protocols, read this answer.
In order to connect to one-note API from a .net application, We need client id and client secret. For office 365 account it requires the user to register in windows azure. Is there a way to get the client id/secret for office 365 account without windows azure account ?
Yes, you can do it without registering your app in Windows Azure.
You do need to register your app with the Microsoft Account Developer Center https://account.live.com/developers/applications/ and that will give you a client ID and secret you can use in your ASP.net site without using Azure.
Here is a great tutorial walking you from beginning to end: https://channel9.msdn.com/Series/OneNoteDev/Getting-Started-with-the-OneNote-API-ASP-NET-Edition
I am trying to evaluate a strategy where I can integrate our Azure based application to SharePoint Online.
The idea is to provide seamless UI so that they are able to use the best of the features from both these applications without having to navigate away from our application.
We would like to bundle the application with Sharepoint online so that if a user comes to our application they will see another tab for collaboration which will open SharePoint online in a seperate iFrame or something like that.
However the issue here is that we do not want the user to keep another set of user credentials for SharePoint online. Is there a way where we can provide some kind of single sign on here.
Our application uses forms based authentication.
I could verify that you sure can use ClaimBased SSO with Azure and SPOnline. Look for the following:
Claims-Based Single Sign-On for the Web and Windows Azure
Remote Authentication in SharePoint Online Using Claims-Based Authentication
So using Claim Based Authentication (Use Windows Azure ACS) you can merge SP online and Azure Web Role together.
How can i integrate Sharepoint authentication into my BPOS setup? i want users to login to Sharepoint using the same credentials they use to login to BPOS. This is to avoid having to use seperate FBA for Sharepoint 2010.
Do note that the Sharepoint i used is Sharepoint 2010 enterprise and not Sharepoint Online.
Thanks
Depends a bit on your scenario and if you are using identity federation.
If you are federating your identities to the cloud/office365 using DirSync then you have SSO to both on-premise and SSO.
If you only have MSOnline users, ie no AD on-premise or at least not syncing it, then you need to set up your on-premise SP2010 with claims support and set up a trust relationship with the Office365/SPOL STS. (At the moment since Office 365 is in private beta and under NDA - that's about what I dare to share...but it's doable)