question

MichaelSuyama-0957 avatar image
0 Votes"
MichaelSuyama-0957 asked MichaelSuyama-0957 answered

OAuth for authenticating users to SharePoint Site

I've been trying to work out a way to let users authenticate to SharePoint 2016 server using Facebook. Standard claims authentication won't work because SharePoint only supports SAML 1.1 and Azure federation is not an option. I'm looking at whether OAuth can be used to authenticate users to the entire SharePoint site. From what I've read it seems like it should work but I don't know what the limitations of this approach would be in terms of managing users and permissions in SharePoint.

office-sharepoint-server-development
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CaseyYangMSFT-4714 avatar image
0 Votes"
CaseyYangMSFT-4714 answered CaseyYangMSFT-4714 commented

Hi @MichaelSuyama-0957,

Here is a article about integrating Windows Live ID, Google and Facebook account authentications with SharePoint step by step.

1.We need Windows Azure ACS (Access Control Service) as our Trusted Identity provider. Subscribe and get one.
2.Add new Identity Provider for SharePoint with PowerShell.
3.Authorize users by granting them access to the web application.

For Reference: Integrating Windows Live ID, Google and Facebook Authentications with SharePoint 2013
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.


If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi Casey thanks but ACS was retired by Microsoft on November 7, 2018 so I'm not sure how that article helps. We already looked at Azure B2C and B2B and neither one works for our needs.

0 Votes 0 ·

Hi @MichaelSuyama-0957,

QAuth is currently not supported in the Q&A forum. I would suggest you open a ticket with Microsoft for further help.

0 Votes 0 ·
sadomovalex avatar image
0 Votes"
sadomovalex answered

We already looked at Azure B2C and B2B and neither one works for our needs.

can you tell more details why Azure B2C doesn't work in your case? From what MS says in ACS migration guide:

For web applications that use Access Control for user authentication, Access Control provides the following features and capabilities to web application developers and architects:
Federation with Google, Facebook, Yahoo, Azure Active Directory, and AD FS accounts, and Microsoft accounts.
...
Unfortunately, there isn't one service that offers all of these equivalent capabilities. You should evaluate which capabilities of Access Control you need, and then choose between using Azure Active Directory, Azure Active Directory B2C (Azure AD B2C), or another cloud authentication service.

And with Azure B2C it is possible to setup authentication via Facebook: Set up sign-up and sign-in with a Facebook account using Azure Active Directory B2C.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MichaelSuyama-0957 avatar image
0 Votes"
MichaelSuyama-0957 answered

The problem is not with Azure B2C per se, it is with SharePoint. SharePoint 2019 only supports SAML 1.1 and does not support later SSO protocols. SharePoint Subscription Edition (2021) does add support for OIDC which B2C supports. However, our testing, and Microsoft Support confirmed, the certificate formats are incompatible so they can't establish a secure provider connection.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.