SharePoint Apps authorizations
Last few days I was experimenting with SharePoint App model. Provider hosted apps which is a type of app which provide by SharePoint. In this category of apps, app will have a separate web component running out side the SharePoint box which App is installed. When the out side hosted component needs access to the SharePoint list and libraries of the SharePoint farm which app is installed there is a requirement to authorize access from those hosted web components. According to the MSDN there are three different authorizations defined for SharePoint apps which can be used in this scenarios. Low Trust – Provider hosted apps for SharePoint use Azure ACS (Access Control System) to get the token which they can use to access SharePoint resources (List libraries and other resources) which app installed SharePoint farm. This use OAuth 2.0 framework and Azure ACS is the token issuer. If app is using this mechanism it can be sold in SharePoint App Store. Low trust system is there mostly for