Why Secure Store Service ?

Hello SharePointer πŸ™‚

Secure store service – till now It has always made me confused like how it works and why it’s used.I was reading about BCS in SharePoint and again SSS came front of me – let me attack on actual concept to clear my confusion about it !!! πŸ˜›

Generally, SharePoint uses SSS with BCS when there is a need to access the external business data. Let’s take example of SharePoint Online and External Data source (Business applications/partner resources/SQL Server Database/Web Service etc.) as shown below:

SharePoint Secure Store Service
SharePoint Secure Store Service

There is a possibility that username and password used to access external data may not be the same as the username and password used to access SharePoint Online.


When a user accessed a SharePoint Online page that displays the information from the external data source using valid SharePoint credentials, SharePoint must make a separate request to get the information from the external data source.

A separate request must be made with credentials that are known to the external data source, only then SharePoint can display the information from the external data source on the page.

From the above diagram and explanation it has been understood that Secure Store Service stores the external data system credentials.

Additionally, The Secure Store Service is designed to create a background mapping between SharePoint user group, and a single user known to the external data system.

To summarize all the information, When the Secure Store Service is properly configured, following executions happens:

  • A user authenticates to SharePoint Online via valid credentials.
  • Inside SharePoint Online, the Secure Store Service uses mapped credentials known to the external data source for the authenticated user.

Another benefit of the Secure Store Service is that it eliminates authentication prompts for users. When users navigate to SharePoint Online pages that access external data source because Secure Store Service is active in the background and hence checking user rights and providing mapped credentials to the external data when appropriate. This allows users to access the required data without prompting them to enter usernames and passwords specific to the external data source.

I can take a break now πŸ˜‰

Enjoy SharePoint Run! πŸ™‚



Dipti Chhatrapati

Dipti Chhatrapati is a SharePoint specialist currently working as a Senior Consultant for CapGemini in Mumbai, India. She has more than 9 years of experience in application development, design, maintenance, administration and is continuously working with improving her skills and keeping them up to date. As a developer, project leader and SharePoint Business Analyst, she has been an extensive user of Visual Studio and Team Foundation Server throughout her career. Dipti is very passionate about music, sports, and arts and loves to spend her free time learning new things, socializing with friends and family, cooking, exercising and singing.

Leave a Reply

Be the First to Comment!

Notify of
Animated Social Media Icons by Acurax Responsive Web Designing Company
Visit Us On TwitterVisit Us On FacebookVisit Us On Linkedin