SUMMARY
OAuth in SharePoint 2013 offers many new opportunities for integrating with both SharePoint Online and SharePoint on premises. The introduction of an application identity gives developers and administrators alike new opportunities for authenticating and authorizing access to content and information in SharePoint. By building on the already-large ground swell of developer support for OAuth in the community, SharePoint can offer access to its APIs in a standards-based and well-understood manner, thus reducing the complexity and proprietary nature of the process. The authorization system built into SharePoint 2013 offers developers flexibility and control over asking for access to resources while at the same time balancing that with the security needs and controls needed by users and IT professionals running SharePoint environments.
The OAuth system is part of the new framework for building applications; however, the effects of offering standardized, remotely callable APIs is also further reaching, enabling developers a wider range of integration options dependent on their environment and scenarios.
WHAT YOU LEARNED IN THIS CHAPTER
| ITEM | DESCRIPTION |
| OAuth | An open protocol to allow secure authorization in a simple and standard method from Web, mobile, and desktop applications. |
| Application principal | An application identity giving the ability to grant access to resources on a per-application basis. |
| Server to Server authentication | The on-premises model for setting up application authentication between a SharePoint Server and application code. |