SharePoint Server supports claims-based authentication. The result of a claims-based authentication is a claims-based security token, which the SharePoint Security Token Service (STS) generates. SharePoint Server supports Windows, forms-based, and Security Assertion Markup Language (SAML)-based claims authentication.
For information about authorization related to SharePoint Add-ins, see Authorization and authentication of SharePoint Add-ins. Authorization refers to the process by which SharePoint provides security for websites, lists, folders, or items by determining which users can perform specific actions on a given object.
What authentication method does Office 365 use?
Office 365 multifactor authentication is based on Azure AD, as explained before, and therefore also uses Azure multi-factor authentication.
What are the security levels in SharePoint?
SharePoint Security Permission Levels
- Full control – Complete control over the site or subsite.
- Read – Download documents and view pages/list items.
- Edit – Create, change and delete lists, list items and documents.
- Limited access – Only view specific items, lists and folders.
NTLM is a challenge-response-based authentication protocol used by Windows computers that are not members of an Active Directory domain. Kerberos, on the other hand, is a ticket-based authentication protocol which works only on machines running Windows 2000 or higher and running in an Active Directory domain.
In federated authentication, SharePoint processes SAML tokens issued by a trusted, external Security Token Service (STS). A user who attempts to log on is redirected to that STS, which authenticates the user and generates a SAML token upon successful authentication.
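The trust described above is established on the SharePoint farm by registering the external STS and its token-signing certificate. The following is an added example, not part of the original page; the certificate path, realm, sign-in URL and display names are constructed placeholders, and email address as the identifier claim is an assumption.

```powershell
# Run in the SharePoint Management Shell on a farm server.
# All values below are constructed placeholders, not taken from the page.
$certPath  = 'C:\certs\sts-token-signing.cer'    # public signing cert exported from the external STS
$realm     = 'urn:sharepoint:portal'             # identifier the STS uses for this farm
$signInUrl = 'https://sts.example.com/adfs/ls/'  # where unauthenticated users are redirected

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)

# Do not register a signing certificate that is expired or close to expiry:
# SAML tokens signed with any other key will be rejected once it rolls over.
if ($cert.NotAfter -lt (Get-Date).AddDays(30)) {
    throw "Signing certificate expires $($cert.NotAfter); obtain a current one from the STS owner."
}

# Make the farm trust the certificate that signs incoming SAML tokens.
New-SPTrustedRootAuthority -Name 'External STS token signing' -Certificate $cert

# Map the incoming claim that identifies the user (assumed here: email address).
$emailClaim = New-SPClaimTypeMapping `
    -IncomingClaimType 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' `
    -IncomingClaimTypeDisplayName 'EmailAddress' `
    -SameAsIncoming

# Register the external STS as a trusted identity token issuer.
New-SPTrustedIdentityTokenIssuer `
    -Name 'External STS' `
    -Description 'SAML tokens issued by the external STS' `
    -Realm $realm `
    -ImportTrustCertificate $cert `
    -ClaimsMappings $emailClaim `
    -SignInUrl $signInUrl `
    -IdentifierClaim $emailClaim.InputClaimType

# Review every issuer the farm currently trusts, with the key each one is pinned to.
Get-SPTrustedIdentityTokenIssuer |
    Select-Object Name, DefaultProviderRealm, ProviderUri,
        @{ n = 'SigningCertThumbprint'; e = { $_.SigningCertificate.Thumbprint } },
        @{ n = 'SigningCertExpires';    e = { $_.SigningCertificate.NotAfter } }
```

The final listing is worth running periodically: any issuer that appears there can mint identities the farm will accept, so unexpected entries or unfamiliar thumbprints deserve investigation.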
What is OAuth in SharePoint?
OAuth allows users to authorize SharePoint to provide access tokens to third-party apps. These third-party apps then use the tokens to retrieve data from the SharePoint server on behalf of that user. A token can grant access to a site or to a resource (file, item), and is valid for a defined duration.