Tuesday, March 20, 2018

SharePoint Provider Hosted Add-in Trust Types


Introduction

This blog is about SharePoint Provider Hosted Add-in Trust Types. It provides the details for kind of trust types to be used while deploying the SharePoint Provider Hosted Add-in on different hosting environment.

About SharePoint Provider Hosted Add-in

Microsoft has officially renamed the SharePoint provider hosted App as SharePoint Provided Hosted Add-in. The provider hosted add-in can be installed on SharePoint on premises server or in SharePoint online platform but the key business logic component is deployed outside the SharePoint environment which provide us the flexibility to go with any programming language. The SharePoint hosted app has to be designed with client side programming framework and in any ways server side coding is not allowed in SharePoint hosted app.
In SharePoint provider hosted Add-in you have option to host it with your required hardware choice. You can ask your IT department to host the add-in on dedicated server         or any third party hosting service. Azure is one of the good suggestion for hosting the add-in. The provider hosted app can also use the SharePoint standard stuffs for any business requirement but the SharePoint standard stuff will run on SharePoint environment.
Courtesy: Microsoft Docs


The provider hosted add-in will use OAuth or JSOM to communicate with standard SharePoint components. The Microsoft Azure Access Control Service (ACS) is playing trust broker role when this SharePoint provided hosted add-in is hosted on Azure and installed on O365. If the add-in is installed in SharePoint on premises server then it needs server certificate along with ACS to enable high trust between add-in and SharePoint.

Trust Types Details

Below table illustrates the kind of trust required in SharePoint Provider Hosted Add-in and SharePoint according to its various deployment and installation places.  
Trust Type
SharePoint Add-in Location
SharePoint Platform
Comments
ACS
Azure or Any Cloud Service
SPO
ACS trust will be used when add-in is deployed on Azure
ACS
On Premises
SPO
 “”
ACS + Certificate
On Premises
On Premises
ACS + certificate will be required in case of SharePoint on premises and add-in deployed on premises
ACS + Certificate
On Cloud
On Premises
“”

SPO - SharePoint Online
ACS - Azure Access Control Service

Conclusion

My objective here is to update the tech community about latest changes done my Microsoft about the naming convention of the SharePoint Provider Hosted Add-in. This blog also educate the techies for various kinds of trust type for SharePoint Provider Hosted Add-in and which needs to be used in what deployment scenario. This knowledge is important to the peoples before taking the work in hand.

No comments: