Jean Paul's Blog

There are 2 types of People in the World, One who Likes SharePoint and..

  • Microsoft MVP

  • MindCracker MVP

  • CodeProject MVP

  • eBook on SharePoint 2010

  • eBook on Design Patterns

  • eBook on Windows Azure

  • NLayers Framework @ CodePlex

  • MSDN Forums

  • .Net vs. Java

    Due to Public Demand
  • Advertisements

Posts Tagged ‘claims’

Claims based Authentication

Posted by Paul on March 5, 2015

I am writing a series of articles about Claims based Authentication in SharePoint 2013.

Claims based Authentication

Claims based Authentication allows decoupling of Authentication from an Application. By default SharePoint uses Windows Classic mode Authentication.


Claims are XML based SAML 2.0 token. Each token will be encrypted and contains user identity information. For example a claim can contain:

1. User name

2. Access Rights

Federated Authentication

Claims based Authentication is also called Federated Authentication as the Authentication is federated to a 3rd party provider. Following would be a typical scenario for Claims based Authentication.

Imaging you has a SharePoint site for Document Management. You have shared the site in public. Your customers are different Corporations like Corp A, Corp B etc. A corporate employee of Corp A needs to access the SharePoint site. It is tedious to maintain an authentication for each corporation in the SharePoint active directory. Here the corporate employee who is authenticated with their own company public sites & produce the same claims to access our SharePoint site.

Thus the authentication is externalized.


The image above depicts the following:

1. User access to SharePoint Site

2. SharePoint Site redirects to the Corp A login page

3. User authenticates to Corp A

4. Corp A provides a set of claims to the user

5. Corp A redirects to SharePoint Site

6. SharePoint Site validates the claim

7. User is given access to SharePoint Site

There should be a pre-configured Trust between SharePoint Site & Corp A application for the above to work.



In this post we have explored basics of claims based authentication. In the upcoming articles I will explain how to setup create a custom claims provider for SharePoint 2013


Posted in SharePoint, SharePoint 2013 | Tagged: , | Leave a Comment »