BlogPost

Building a SharePoint Provider-Hosted App for Office365 - Part One - The Admin Part

Building a SharePoint Provider-Hosted App for Office365 - Part One - The Admin Part



Firstly Happy new year to one and all, secondly, what is gong on with setting up a provider hosted App?

I have to be honest, this has been a proper pain in the ass post and I have had to go and come back to it many times, I have also had to split this post over 3 entries to cover everything, and all the information I have provided on these posts are how I have set it up in my environment, but hopefully it covers everything you will need to build a provider hosted app all in one place.

What is a Provider hosted App ?

A provider-hosted app is the most versatile app architecture because you can host the remote web in Windows Azure or elsewhere, use client-side and server-side code, access SharePoint data and external data, and choose from a wide range of technologies from which to build your app. However, to enable this functionality, you have more responsibility - you must ensure the app is always available, set up the remote web, configure a trust relationship and isolate tenants.

For your provider-hosted app to communicate with SharePoint and access resources, you must:
Create an X.509 Certificate for the trust relationship and export the private key in an encrypted file (We will not need this for building the app with SharePoint Online).
Register the certificate with IIS (We will not need this for building the app with SharePoint Online and will not be covered in this post).
Create a trusted token issuer in the SharePoint farm (We will not need this for building the app with SharePoint Online).
Create an app principal for the app (We will be needed this for building the App on SharePoint Online).

Note
Steps one and two are more for seperate set ups of provide hosted app on your own web servers using IIS and not needed for setting up an app on SharePoint Online.



Step One

  • Create and Register an X.509 Certificate.
  • Click on the image below so that you can actually see the script, have a read of the script and you can get the script code here change the remote web to your remote app and then run the script...



The Windows PowerShell script code you wrote and ran has created the Certificates folder in the cdrive under C:\Certificates. The certificate file and the encrypted private key file will be in this folder.





Step Two

  • Register a Trusted Security Token Issuer
  • Run the following PowerShell command...


Click here for the script code


Step Three

  • Register an App Principal

  • Run the following PowerShell command...


Click here for the script code


Completion