Create SharePoint trusted token ID for Provider hosted App


A provider-hosted app's logic executes outside the SharePoint farm, so its requests to the farm need to be authenticated via an issuer ID. The following script generates that issuer ID:

#Load the SharePoint snap-in if it is not already loaded
if ( (Get-PSSnapin -Name Microsoft.Sharepoint.Powershell -ErrorAction SilentlyContinue) -eq $null )
{
    Add-PsSnapin Microsoft.Sharepoint.Powershell
}

#Create Issuer ID
$issuerID = [System.Guid]::NewGuid().ToString()

#Get registered Issuer Name

$SPSiteUrl ="http://Spserver:portNumber"
$SPSite = Get-SPSite $SPSiteUrl
$SPrealm = Get-SPAuthenticationRealm -ServiceContext $SPSite
$registeredIssuerName = $issuerID +'@' + $SPrealm

#Validate the request sent by external server via public certificate
$publicCertificateLocation = "C:\Dipti\AppCerts\OnPremApp.cer"
$publicCertificate = Get-PfxCertificate $publicCertificateLocation

#Tell SharePoint that one issuer ID is shared by multiple client IDs, meaning the same certificate can be used for other apps as well

$SPsecureTokenIssuer = New-SPTrustedSecurityTokenIssuer -Name $issuerID -RegisteredIssuerName $registeredIssuerName -Certificate $publicCertificate -IsTrustBroker

#Turn off the HTTPS requirement, specifically for a development environment
$ServiceConfig = Get-SPSecurityTokenServiceConfig
$ServiceConfig.AllowOAuthOverHttp = $true
#Persist the change; without Update() the setting is not saved
$ServiceConfig.Update()

#Run IISReset to make the Issuer ID available
iisreset

#Get your available Issuer ID
Write-Host "Your available Issuer ID:" $issuerID

Use your available Issuer ID in your provider hosted app!
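The script above changes two security-relevant farm settings: it registers a certificate as a trusted token issuer and allows OAuth over plain HTTP. The following audit script is an added example, not part of the original post; it reports both settings so that a development configuration is not carried into production unnoticed. The function name Get-IssuerCertFinding and the 60-day review window are assumptions chosen for illustration.

```powershell
# Added example: audit the settings touched by the registration script.
# Run in the SharePoint Management Shell on a farm server.
if ((Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue) -eq $null) {
    Add-PSSnapin Microsoft.SharePoint.PowerShell
}

$warnDays = 60   # assumption: flag certificates expiring within this window

# Hypothetical helper: evaluates one issuer's signing certificate.
function Get-IssuerCertFinding {
    param(
        [string]$IssuerName,
        [string]$RegisteredIssuerName,
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [int]$WarnDays
    )
    $findings = @()
    $daysLeft = [int]($Certificate.NotAfter - (Get-Date)).TotalDays
    if ($daysLeft -lt 0) { $findings += "certificate expired" }
    elseif ($daysLeft -lt $WarnDays) { $findings += "expires in $daysLeft days" }
    # SHA-1 and MD5 signatures are considered weak for trust anchors
    if ($Certificate.SignatureAlgorithm.FriendlyName -match 'sha1|md5') {
        $findings += "weak signature algorithm ($($Certificate.SignatureAlgorithm.FriendlyName))"
    }
    if ($findings.Count -eq 0) { $findings += "ok" }

    New-Object PSObject -Property @{
        Issuer           = $IssuerName
        RegisteredIssuer = $RegisteredIssuerName
        Thumbprint       = $Certificate.Thumbprint
        NotAfter         = $Certificate.NotAfter
        Findings         = ($findings -join "; ")
    }
}

# 1. OAuth over HTTP sends access tokens in clear text; it should be off outside development.
$sts = Get-SPSecurityTokenServiceConfig
if ($sts.AllowOAuthOverHttp) {
    Write-Warning "AllowOAuthOverHttp is enabled. Set it to `$false and call Update() outside development."
}

# 2. Every trusted token issuer's certificate can sign tokens the farm accepts; review each one.
Get-SPTrustedSecurityTokenIssuer | ForEach-Object {
    Get-IssuerCertFinding -IssuerName $_.Name -RegisteredIssuerName $_.RegisteredIssuerName `
        -Certificate $_.SigningCertificate -WarnDays $warnDays
} | Format-Table Issuer, RegisteredIssuer, Thumbprint, NotAfter, Findings -AutoSize
```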

Happy sharePointing 🙂

Dipti Chhatrapati

Dipti Chhatrapati is a SharePoint specialist currently working as a Senior Consultant for CapGemini in Mumbai, India. She has more than 9 years of experience in application development, design, maintenance, administration and is continuously working with improving her skills and keeping them up to date. As a developer, project leader and SharePoint Business Analyst, she has been an extensive user of Visual Studio and Team Foundation Server throughout her career. Dipti is very passionate about music, sports, and arts and loves to spend her free time learning new things, socializing with friends and family, cooking, exercising and singing.

2 Comments on "Create SharePoint trusted token ID for Provider hosted App"

Murugesh Pandian

It's for HighTrust app?
