Skip to main content


What Can Claims Do For You?

In case you haven’t heard, all web applications in SharePoint 2013 will default to claims-based authentication. While it’s possible to create a “classic” web application still, Microsoft has deprecated the functionality in favor of the future. That means many organizations will be defaulting to a claims-enabled world.

Fear not! Claims is not the end of the world. In fact, it opens up a whole new world to your organization. Unlike the siloed approach that a classic web application provides, claims allows you to use multiple types of authentication on a single web application. While this doesn’t change much for the end user, aside from the need to enable cookies, it allows the administrator to augment the claims that a user gets to include more than just the basic information.

When you couple this claims augmentation with a tool like Active Directory Federation Services (ADFS), you can implement single sign on (SSO). SSO through ADFS allows you to set up multiple applications and systems as “Relying Parties”. The application trusts the authentication cookie from ADFS. So if you have a bunch of systems that all trust ADFS, then the user simply signs into ADFS and can then access all systems without signing in again. More importantly, if you use SharePoint to surface data from other relying party systems in a per-user manner, claims cookies or “tokens” can be passed to the underlying system. This provides an audit trail and removes the need for a specific access account that has more permissions than the current user.

Of course, none of this is new with SharePoint 2013. However, the deprecation of classic authentication in SharePoint 2013 means an organization is poised to take advantage of the SSO opportunity as low-hanging fruit. If you haven’t looked at using claims to create an SSO solution for your organization, deployment of SharePoint 2013 may be the right time.

Thoughts on “What Can Claims Do For You?”

  1. Pingback: What's New in SharePoint 2013? Let's ask the experts... | Microsoft Enterprise Technologies

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Andrew Schwenker

Andrew Schwenker is a Sr. Technical Consultant within Perficient’s Microsoft National Business Unit East's SharePoint practice. Andrew has nearly 2 years of experience in consulting and has participated in projects that have touched nearly every aspect of SharePoint 2010. Andrew earned his Bachelor’s degree in Computer Science as well as Master’s degrees in Computer Science and Information Systems from Indiana University. He’s interested in creating winning solutions to generate business innovation using SharePoint. Prior to starting at Perficient, Andrew completed internships with General Electric, ExactTarget, and Great American Financial Resources. During his studies, he actively participated in Alpha Phi Omega National Service Fraternity and competed in the first annual Cluster Challenge at SC07 in Reno, NV. Andrew was a part of the dynamic PointBridge team that was acquired by Perficient.

More from this Author

Follow Us