Wanted to record brief demo of how to protect WebAPI data endpoint with ADAL (Azure Active Directory) Authentication Library. Azure Portal enables us to register custom SPA (Single Page Application) for secure API calls to backend REST data sources. OAuth Bearer HTTP headers are applied to provide security with JWT tokens (JSON Web Token). Video shows all steps from Azure Portal registration to F12 validation of REST data calls.
SharePoint is often treated as a final SAAS product to perform Microsoft native functions only. Management can be reluctant to engage customization and development for the perceived cost.
However, what is the cost of lacking a needed business tool? Lost productivity and opportunity?
What is the cost to create native SP features? Make a blank IIS website? Then create your own search, audit, permission interface, file store, REST endpoint, etc.?
Remember, SharePoint is a service– not the final product.
Authentication – User context. Password management, new account creation, integrated single sign-on.
I needed a quick reference to introduce developers with the SharePoint 2013 App Model.
The stability which comes from this approach is significant. We wan to run on-premise SharePoint similar to how Microsoft operates Office 365. No more SharePoint customization lost during patching. No more late night WSP and IISRESET outages. Code can be modified more fluidly and IE breakpoints can even be set at a single user’s desktop when troubleshooting. Exciting and powerful tools – which require a new way of thinking.
Please fee free to download the poster I made below. Hope you find it helpful!