Use Facebook as an Identity Provider for SharePoint 2013 – Part 3

At this stage, we are done configuring the Azure part.

Continue Configuration Steps:

  • Go to your SharePoint Farm
  • Create a new web application
    • Make sure claims authentication is configured as follows:
      • Enable Windows Authentication = Checked
      • Integrated Windows authentication = Checked
      • Select NTLM
  • PS: The Facebook authentication will be enabled later



  • After creating the web application, go and create a site collection


  • Run the following script:
    • The parameters in red need to be changed depending on your configuration
# Values to change for your environment
$realm = ""
$signinurl = ""
$certlocation = "C:\Users\Administrator\Desktop\MySharePointLogin.cer"
# Register the token-signing certificate as a trusted root authority in the farm
$rootcertificate = Get-PfxCertificate $certlocation
New-SPTrustedRootAuthority "MSharePointLogin" -Certificate $rootcertificate
$certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certlocation)
# Map the incoming ACS claims to SharePoint claims
$ClaimTypingMapping1 = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Email" -SameAsIncoming
$ClaimTypingMapping2 = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Display Name" -LocalClaimType ""
$ClaimTypingMapping3 = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Access Token" -SameAsIncoming
$ClaimTypingMapping4 = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Name Identifier" -LocalClaimType ""
$ClaimTypingMapping5 = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Expiration" -SameAsIncoming
# Create the identity provider; the Email mapping is used as the identifier claim
New-SPTrustedIdentityTokenIssuer -Name "Facebook Authentication" -Description "Facebook Identity Provider" -Realm $realm -ImportTrustCertificate $certificate -ClaimsMappings $ClaimTypingMapping1,$ClaimTypingMapping2,$ClaimTypingMapping3,$ClaimTypingMapping4,$ClaimTypingMapping5 -SignInUrl $signinurl -IdentifierClaim $ClaimTypingMapping1.InputClaimType
  • $realm = the URI or URL associated with the SharePoint web application that is configured to use a SAML token-based provider (the SharePoint web application URL)
  • $signinurl = the Access Control namespace URL that was created in Windows Azure
  • $certlocation = the physical path of the certificate. Make sure to select the .cer file
  • $rootcertificate = gets the root certificate with Get-PfxCertificate
  • New-SPTrustedRootAuthority = creates a trusted root authority
  • $certificate = an object that represents the X.509 certificate
  • $ClaimTypingMapping1 to $ClaimTypingMapping5 = map each incoming claim from ACS to a claim in SharePoint
  • New-SPTrustedIdentityTokenIssuer = creates a new identity provider named Facebook Authentication
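
Before enabling the provider on the web application, it is worth confirming that the farm ended up trusting the certificate you intended. The following check is an added example, not part of the original post: the function name Test-FacebookIssuer and its parameters are hypothetical, while the issuer name, root authority name and certificate path are the ones used in the script above.

```powershell
# Added example (not from the original post). Run in the SharePoint 2013 Management Shell.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Test-FacebookIssuer {   # hypothetical helper name
    param(
        [string]$IssuerName = "Facebook Authentication",
        [string]$RootAuthorityName = "MSharePointLogin",
        [Parameter(Mandatory = $true)][string]$CertPath,
        [string]$ExpectedRealm   # assumption: the same value as $realm in the script
    )
    $problems = @()
    $fileCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath)

    # The trust needs only the public .cer; a private key here means the wrong export was copied.
    if ($fileCert.HasPrivateKey) { $problems += "Certificate file carries a private key" }
    if ($fileCert.NotAfter -lt (Get-Date)) { $problems += "Certificate expired on $($fileCert.NotAfter)" }

    $root = Get-SPTrustedRootAuthority -Identity $RootAuthorityName -ErrorAction SilentlyContinue
    if (-not $root) { $problems += "Trusted root authority '$RootAuthorityName' not found" }
    elseif ($root.Certificate.Thumbprint -ne $fileCert.Thumbprint) {
        $problems += "Trusted root authority holds a different certificate"
    }

    $issuer = Get-SPTrustedIdentityTokenIssuer -Identity $IssuerName -ErrorAction SilentlyContinue
    if (-not $issuer) { return $problems + "Token issuer '$IssuerName' not found" }

    # SharePoint checks the signature of every incoming SAML token against this certificate.
    if ($issuer.SigningCertificate.Thumbprint -ne $fileCert.Thumbprint) {
        $problems += "Issuer signing certificate does not match $CertPath"
    }
    # Users are redirected to this URL to sign in, so it must be HTTPS.
    if ($issuer.ProviderUri.Scheme -ne "https") { $problems += "SignInUrl is not HTTPS: $($issuer.ProviderUri)" }
    if ($ExpectedRealm -and $issuer.DefaultProviderRealm -ne $ExpectedRealm) {
        $problems += "Realm is '$($issuer.DefaultProviderRealm)', expected '$ExpectedRealm'"
    }
    # The script above makes the "Email" mapping the identifier claim.
    if ($issuer.IdentityClaimTypeInformation.DisplayName -ne "Email") {
        $problems += "Identifier claim is '$($issuer.IdentityClaimTypeInformation.DisplayName)', expected 'Email'"
    }
    return $problems
}

$result = Test-FacebookIssuer -CertPath "C:\Users\Administrator\Desktop\MySharePointLogin.cer"
if ($result) { $result | ForEach-Object { Write-Warning $_ } } else { Write-Output "Trust configuration looks consistent" }
```

Pass -ExpectedRealm with the value you used for $realm to include the realm comparison.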


  • After running the script successfully –> Go and select the SharePoint Web Application you created –> General Setting from the top ribbon.

  • Go to Claims Authentication Section and check Facebook Authentication


  • Go back and select the web application –> Click User Policy


  • In the pop-up window –> Click Add Users


  • Select All zones and click Next


  • Click Browse Users


  • Select All Users –> All Users (Facebook Authentication) –> Click Add –> Click OK.


  • Select Full read – Has Full read-only access.


  • Click OK


Go to Part 2

Go to Part 4
