SharePoint, if you remember, is a Microsoft technology. As such, it usually works relatively well with Microsoft authentication. With the move to “cloud”, the ever-increasing addition of further technologies raises the question: how do I integrate with my “stuff”?
Let’s review a few things first:
Classic vs. Claims Authentication
If you are still in the classic world, first, sorry; second, get out. Claims is the way of the new world. You can take a claim and use it in many places, like SharePoint, Office 365 or even external services like ServiceNow, Salesforce and Facebook.
- Windows Integrated Authentication
  - NTLM: Old school and hacked
  - Kerberos: Setup is a pain, works well and is accepted versus NTLM
- Forms (This isn’t Windows or an “identity” per claims, no thanks)
- Identity Provider
  - ADFS: ADFS integrates fully with SharePoint and Office 365, great option for internal and external integration. Works similarly to Ping and SiteMinder.
  - Azure AD: Authenticates to Azure AD using an ACS. Great option for a SharePoint Hybrid auth model.
  - PingIdentity: No true hybrid support… Non-Microsoft product.
  - SiteMinder: No true hybrid support… Non-Microsoft product.
While all of these options are great, my suggestion is to pick one and stick with it, no matter what it is. Base your decision on supportable SharePoint applications like UPS; importing users from a single source and switching later is a pain. And as a good course of action, stick with Microsoft products for support in the future.
Gotta love SharePoint…