Use Facebook as an Identity Provider for SharePoint 2013 – Part 2

At this stage we are done configuring the Facebook part.

Continue Configuration Steps:

  • Now we need to create a signing token certificate. This is used to sign tokens issued to SharePoint Web Applications.
  • Open a command prompt and browse to MakeCert.exe, which can be found in the Bin folder of the Microsoft Windows Software Development Kit (SDK) installation path.
    • If MakeCert.exe is missing, then download and install Windows SDK from here
  • Run the following command:

MakeCert.exe -r -pe -n "CN=mysharepointlogin.accesscontrol.windows.net" ^
    -sky exchange -ss my -len 2048 -e 05/29/2014

  • After the operation succeeds, go to Control Panel –> Administrative Tools –> Manage Computer Certificate.
  • Expand Certificates – Current User, then Personal, and click Certificates. You will find the newly created signing token certificate.


  • Right-click the new certificate and go to All Tasks –> Export.
  • Choose No, do not export the private key, and click Next.


  • Choose Base-64 encoded X.509 (.CER), and click Next.


  • Save the certificate on the Desktop, e.g. "C:\Users\Administrator\Desktop\MySharePointLogin.cer"
  • Go again to Control Panel –> Administrative Tools –> Manage Computer Certificate.
  • Browse to the same certificate again (Current User –> Personal –> click Certificates).
  • Right-click the new certificate and go to All Tasks –> Export.
  • Choose Yes, export the private key, and click Next.


  • Choose Personal Information Exchange – PKCS #12 (.PFX) and click Next.


  • Select Password and enter a password; remember this password as it will be used later.


  • Save the certificate on the Desktop, e.g. "C:\Users\Administrator\Desktop\MySharePointLogin.pfx"
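
The two manual exports above can also be scripted. The following PowerShell is an added example, not part of the original post; it assumes the subject name from the MakeCert command and the Desktop file names used in the steps, and it checks the certificate before writing the .cer (public part only) and the password-protected .pfx (with private key).

```powershell
# Added example: scripted form of the two manual exports (.cer and .pfx).
# Assumptions: subject name taken from the MakeCert command above; the output
# file names mirror the Desktop paths used in the steps.
$subject = 'CN=mysharepointlogin.accesscontrol.windows.net'
$outDir  = Join-Path $env:USERPROFILE 'Desktop'
$cerPath = Join-Path $outDir 'MySharePointLogin.cer'
$pfxPath = Join-Path $outDir 'MySharePointLogin.pfx'

# "-ss my" without "-sr" places the certificate in the CurrentUser\My store.
$found = @(Get-ChildItem Cert:\CurrentUser\My | Where-Object { $_.Subject -eq $subject })
if ($found.Count -ne 1) {
    throw "Expected exactly one certificate with subject $subject, found $($found.Count)."
}
$cert = $found[0]

# Checks on what MakeCert was asked to produce: private key present, 2048-bit RSA, not expired.
if (-not $cert.HasPrivateKey) { throw 'No private key: this certificate cannot sign tokens.' }
$rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
if ($null -eq $rsa -or $rsa.KeySize -lt 2048) { throw 'Expected an RSA key of at least 2048 bits.' }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)." }

# Public part only, Base-64 encoded X.509 (.CER).
$b64 = [Convert]::ToBase64String($cert.RawData, [Base64FormattingOptions]::InsertLineBreaks)
$pem = "-----BEGIN CERTIFICATE-----`r`n$b64`r`n-----END CERTIFICATE-----"
Set-Content -Path $cerPath -Value $pem -Encoding Ascii

# Certificate plus private key as PKCS #12 (.PFX), protected by a password that is
# prompted for rather than written into the script. Requires the "-pe" (exportable) flag.
$pfxPassword = Read-Host -AsSecureString 'Password for the .pfx'
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pfxPassword | Out-Null

# The thumbprint identifies the certificate carried by both files.
"Exported $($cert.Thumbprint) to $cerPath and $pfxPath"
```

A certificate created with the `-e 05/29/2014` value shown in the command fails the expiry check when run after that date; pass a later date to MakeCert in that case.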

 

  • Go to your Access Control Namespace URL:
    • http://MySharePointLogin.accesscontrol.windows.net (Mine)
    • http://YourNamespaceTitle.accesscontrol.windows.net (Your namespace title)
  • Click on Identity Providers.


  • Click Add


  • Select Facebook and click Add


  • Click on Relying Party Applications from the left navigation, then click Add.


  • Fill in the related information for the relying party (SharePoint):
    • Token encryption policy –> None
    • Token lifetime (secs) –> 4000
    • Choose Facebook as Identity Provider.
    • Check Create New Rule Group
    • Browse to the certificate you exported from the previous step; choose the certificate with .PFX extension.
    • Enter the password you created when you exported the certificate.
    • Click Save.


  • Click Rule Groups from the left navigation and then click on Default Rule Group for MySharePointLogin.com


  • Click Generate


  • Choose Facebook and click Generate


  • Click Save


Go to Part 1

Go to Part 3
