Authentication(s) in SharePoint - An Overview


It is the process by which the identity of a user who requests access to a SharePoint web application and its contents. Authentication controls whether or not a user has permission to access sites on a SharePoint web application. 


It is the process by which a user is granted access to specific resources within a SharePoint site.  Authorization controls what documents, lists, libraries, etc. a user can access on a SharePoint site once they have been successfully authenticated.

The result of a claims-based authentication is a claims-based security token, which the SharePoint Security Token Service (STS) generates. The result of a Windows classic mode authentication is a Windows security token. We recommend that you use claims-based authentication for user authentication.


SharePoint 2013 supports the following authentication types:

Windows authentication
Windows Authentication is the simplest because it takes advantage of a company’s existing authentication provider (i.e. Active Directory) to validate a user’s credentials and, grant or deny permissions to access to SharePoint sites.  

Windows authentication provides the most seamless user experience for users who already have access to Windows-based network resources because once the user has logged onto the domain, they are not required to provide their credentials again to access SharePoint.  The two most common types of Windows authentication are NTLM and Kerberos.


Forms-based authentication

Forms-based authentication is a claims-based identity management system that validates users based on credentials that the user provides via a login form on a web page. When the user submits the form, the username and password that were provided are validated against credentials that are stored in a membership provider such as a SQL Server database.

Forms-based authentication allows for credentials to be created and stored for non-domain users who are external to an organization. Forms-based authentication can be used against credentials that are stored in an authentication provider such as the following:

  1. Active Directory Domain Services
  2. A database such as a SQL Server database
  3. An Lightweight Directory Access Protocol (LDAP) data store such as Novell eDirectory,
  4. Novell Directory Services (NDS), or Sun ONE


SAML token-based authentication

A SAML token-based authentication environment relies on at least one identity provider security token service (IP-STS) to handle the actual authentication of users.  Moreover, SAML token-based authentication allows for the authentication of users from multiple attribute stores.

The available types of authentication providers for SAML token-based authentication depends on the IP-STS being used in an environment. If Active Directory Federation Services 2.0 is used, authentication providers (known as attribute stores for AD FS 2.0) can include the following:

  1. Windows Server 2003 Active Directory and AD DS in Windows Server 2008
  2. All editions of SQL Server 2005 and SQL Server 2008
  3. Custom attribute stores

SharePoint 2013 also supports multiple authentication providers for a single web application.  If there is only one zone for a web application and multiple authentication methods are configured, users will be presented with a dropdown box prompting them to choose which authentication provider they wish to use.

Another point to consider is that the SharePoint crawl component requires NTLM to access content. Therefore, at least one zone on a web application must be configured to use NTLM authentication. If NTLM authentication is not configured on the default zone, the crawl component can use a different zone that is configured to use NTLM authentication.


Posted: Mar 6, 2018,
Categories: SharePoint & EPM,
Comments: 0,
Author: Urish Arora
Rate this article:

Urish AroraUrish Arora

Other posts by Urish Arora

, Contact author

Please login or register to post comments.




«May 2020»

  • Featured Posts
  • Recent Posts
  • Recent Comments
Dynamics365Authority is a community platform for Professionals and Students to contribute or share their knowledge and skills on Microsoft Dynamics 365 Technologies. Our primary goal is to invite professionals on Dynamics 365 technology across the world to contribute & share their knowledge and skills through their blogs so that we can help other developers.
Stay updated with Dynamics 365 technology. Improve skills and knowledge from our blogs, articles and code snippets. Learn it. Follow professionals and learn from them.
Unified Service Desk Book(Online Edition) 


Stay connected with us on our social media channels for latest articles, blogs posts etc.  We will keep updating regularly on our social media platform and web platform.


Follow us on Facebook



View all our tweets



Join us now



View our blogs



Latest Blog

Posted: Mar 7, 2020

Attach files to Notes record of Microsoft Dynamics 365 CRM from the D365 CRM Custom Portal

This blog is about to add Attach Files to Notes records in an entity of Microsoft Dynamics 365 CRM from the D365 CRM Custom Portal

Read more
Posted: Feb 7, 2020

PowerApps Portals - Quick Start

This blog is about to create a portal in PowerApps and its adding page and entity list into the page.

Read more
Posted: Feb 6, 2020

What is the New PowerApps Portal?

This blog is about the detail discussion on PowerApps Portal

Read more


Dynamics 365 - Search the library for "Dynamics 365"

  What's New in Dynamics 365

  Dynamics 365 Documentation


  Sign-up for 30 days trial



Recent comments


Nice blog. Very helpful to get all references to white papers at one place.

Previous Next

About Us

Here comes the Dynamics 365 Authority - Great technical blog posts are hidden gems. They are hard to find simply because not enough of us write them in the first place. Yet technical blogging is one of the best things we can do not only for ourselves, but also as members of the wider community of developers.

Dynamics 365 Authority leverages this platform to help developers and users to move from traditional paper-based process to modern digital business process. helps your business grow, evolve and transform. is your Digital Transformation Partner

Recent Posts

Attach files to Notes record of Microsoft Dynamics 365 CRM from the D365 CRM Custom Portal

This blog is about to add Attach Files to Notes records in an entity of Microsoft Dynamics 365 CRM from the D365 CRM Custom Portal
  • 605
  • Article rating: No rating

PowerApps Portals - Quick Start

This blog is about to create a portal in PowerApps and its adding page and entity list into the page.
  • 211
  • Article rating: 5.0

Follow Us


Tag cloud: with Urish Arora;; Sales; Leading community site on MS Dynamics 365; Dynamics 365 Authority; Service;Top CRM Blogs; Urish Arora - Australia's leading expert on Digital Transformation;  Digital Transformation; Field Service;Top Articles on MS Dynamics CRM Relationship Insights; Office 365 Security Compliance; Project Service; Microsoft Dynamics 365 for Sales; Relevance Search; Goal Metrics; Activities and Case; Sales Literature;Knowledge Management;

Terms Of UsePrivacy StatementCopyright 2020 by Dynamics365Authority
Back To Top