Create SharePoint trusted token ID for Provider hosted App


We know that provider hosted app’s logic executes outside of the SharePoint farm and hence SharePoint farm needs to be authenticated via issuer Id and following script will help you to generate the Issuer ID for the same:

if ( (Get-PSSnapin -Name Microsoft.Sharepoint.Powershell -ErrorAction SilentlyContinue) -eq $null )

Add-PsSnapin Microsoft.Sharepoint.Powershell

#Create Issuer ID
$issuerID = [System.Guid]::NewGuid().ToString()

#Get registered Issuer Name

$SPSiteUrl ="http://Spserver:portNumber"
$SPSite = Get-SPSite $SPSiteUrl
$SPrealm = Get-SPAuthenticationRealm -ServiceContext $SPSite
$registeredIssuerName = $issuerID +'@' + $SPrealm

#Validate the request sent by external server via public certificate
$publicCertificateLocation = "C:\Dipti\AppCerts\OnPremApp.cer"
$publicCertificate = Get-PfxCertificate $publicCertificateLocation

#Say to share point that one issuerID shared multiple client IDs.Meaning same certificate can be used for other apps as well

$SPsecureTokenIssuer = New-SPTrustedSecurityTokenIssuer -Name $IssuerID -RegisteredIssuerName $registeredIssuerName -Certificate $publicCertificate -IsTrustBroker

#Turn Off the https requirements specifically for development environment
$ServiceConfig = Get-SPSecuritytokenServiceConfig
$ServiceConfig.AllowAuthOverHttp = $true

#Run ISSReset to available the IssuerID

#Get your available IssuerID
write-host "Your available Issuer ID:" $issuerID

Use your available Issuer ID in your provider hosted app !

Happy sharePointing 🙂

Dipti Chhatrapati

Dipti Chhatrapati is a passionate and ambitious SharePoint & Office 365 specialist, including technologies that are or will be directly interacting with SharePoint technology stack. She currently holds a position of manager as SharePoint/Office 365 Architect in Capgemini, Mumbai.

Leave a Reply

2 Comment threads
0 Thread replies
Most reacted comment
Hottest comment thread
2 Comment authors
Dipti ChhatrapatiMurugesh Pandian Recent comment authors
newest oldest most voted
Notify of
Murugesh Pandian

Its for HighTrust app ?

Floating Social Media Icons by Acurax Wordpress Designers
Visit Us On TwitterVisit Us On FacebookVisit Us On LinkedinVisit Us On Instagram