Learning Center

SharePoint Claims Provider

Microsoft SharePoint 2010/2013 allows SharePoint developers to create custom Claims Providers. Claims Providers created in SharePoint can be used for adding claims to the security tokens of users and for website administrators to see these custom claims when configuring permissions on secure objects like lists, sites, items, and documents.

Custom Claims Providers allows SharePoint to leverage other Identity Providers for Single Sign-on authentication such as custom application directories or even Social Media logins like Facebook, Google, SalesForce.com, Twitter and others via standard protocols like SAML, OAuth and WS-Federation.

A Claims Augmentation Provider is a version of a Claim Provider wherein another second Claim Provider takes care of authentication while the Claims Augmentation Providers are called during the login process to insert any additional claims about the user being authenticated to the user’s token.

The People Picker control in SharePoint is used to find and select people, groups, and claims when a site, list, or library owner assigns permissions in Microsoft SharePoint Server 2010. When claims-based authentication is used, the People Picker allows end-users to search and select claims for permissions assignments from a custom Claim Provider or Claims Augmentation provider just as they would normally search for users or groups. Typically a Claims Provider would support more flexible role-based assignments or dynamic fine-grained authorization assignments to increase the flexibility and security of the SharePoint permissions system.