SharePoint Pals
 | Sign In
ClientID and IssuerID – Handy Notes of Provider Hosted Application on SharePoint 2013
by Sathish Nadarajan 18 Oct 2015
SharePoint MVP
Today  :   5     Total  :    6341

We had seen a lot about the Provider Hosted Apps long back on the LINK, but even then, there are much handier ways were being identified on our day to day requirement progress.

Now, let us see try to understand what is IssuerID and ClientID.


This ID is the one which should be included on our Web.Config of the PHA.

The sample Web.Config Entry is as follows.

 <add key="ClientId" value="5067de31-fab5-4240-8a69-65fd674927eb" />
     <add key="ClientSecret" value="U0pDFuzRTq6S5V/NmQ9UTymf/Q+NiztEpQuJZt1C7EI=" />
     <add key="ClientSigningCertificatePath" value="D:\MyCert.pfx" />
     <add key="ClientSigningCertificatePassword" value="SamplePassword" />
     <add key="IssuerId" value="11111111-1111-1111-1111-111111111111" />

To register this ID, we need a PowerShell Script to be executed.

 Add-PSSnapin "Microsoft.SharePoint.PowerShell"
 $issuerID = "11111111-1111-1111-1111-111111111111"
 $targetSiteUrl = "http://MySiteCollection/"
 $targetSite = Get-SPSite $targetSiteUrl
 $realm = Get-SPAuthenticationRealm -ServiceContext $targetSite
 $registeredIssuerName = $issuerID + '@' + $realm
 $publicCertificatePath = "D:\ MyCert.cer"
 $publicCertificate = Get-PfxCertificate $publicCertificatePath
  Write-Host "Create Security token issuer"
 $secureTokenIssuer = New-SPTrustedSecurityTokenIssuer -Name $issuerID -RegisteredIssuerName $registeredIssuerName -Certificate $publicCertificate -IsTrustBroker
 $secureTokenIssuer | select *
 $secureTokenIssuer  | select * | Out-File -FilePath "SecureTokenIssuer.txt"
 #Turn off the HTTPS requirement for OAuth during development
 $serviceConfig = Get-SPSecurityTokenServiceConfig
 $serviceConfig.AllowOAuthOverHttp = $true
 Write-Host "All done..."

For a SPFarm, there can be only one certificate and an Issuer ID, which we can use for many Provider Hosted Applications.


The client ID is the one which is unique for every Provider Hosted Applications. And the PowerShell Script to register this ClientID is

 # Registering App principal
 Add-PSSnapin "Microsoft.SharePoint.PowerShell"
 # set intialization values for new app principal
  $appDisplayName = "MyApp"
 $clientID = "a0f73ea5-3e12-4d3a-bce2-fb1988be6676"
 $targetSiteUrl = "http://SiteCollectionURL/"
 $targetSite = Get-SPSite $targetSiteUrl
 $realm = Get-SPAuthenticationRealm -ServiceContext $targetSite
 $fullAppPrincipalIdentifier = $clientID + '@' + $realm
 Write-Host "Registering new app principal"
 $registeredAppPrincipal = Register-SPAppPrincipal -NameIdentifier $fullAppPrincipalIdentifier -Site $targetSite.RootWeb -DisplayName $AppDisplayName
 $registeredAppPrincipal | select * | Format-List
 $registeredAppPrincipal | select * | Format-List | Out-File -FilePath "Output.txt"
 Write-Host "Registration Completed"

The same can be done by the Site as well.

1. Go to the http://sitecollection/_layouts/15/appregnew.aspx

2. Enter the Values and click on the Generate.


Even to have the ClientID and IssuerID, we need to come to this screen and click on the Generate Button to generate the GUIDs. We should not use any other tools to generate the GUID.

Happy Coding,

Sathish Nadarajan.

blog comments powered by Disqus

SharePoint Pals

SharePoint Pals, a community portal for SharePoint developers, Administrators and End Users. Let's join hands and share the point together.
Read this on mobile


Angular Js Training In Chennai
Advanced Angular Js training with real world developer scenarios
Angular Js, Web Api and Ionic for .Net Developers
All in one client side application development for .Net developers
Angular Js For SharePoint Developers
Get ready for the future. Its no more just C#

Get Connected

SharePoint Resources

SharePoint 2013 and 2010 Web Parts
Free Web Parts with Source Code for SharePoint Community

SharePoint 2013 Books and Tutorials
Collection of free SharePoint 2013 books and tutorials (eBooks, pdfs)

Supported By

Contribute your article and be eligible for a one month Free Subscription for Plural Sight. The Author of the most popular New Article (published in the previous month) will be awarded with a Free One month Plural Sight Subscription. Article can be sent to in a word document.

Related Resources

Recent Tweets

Twitter January 15, 00:25
How To Enable Target Value And Actual Value In #D3 Gauge Chart

Twitter January 15, 00:24
How To Open #SharePoint List Hyperlink Column In Modal #Popup Window

Twitter January 15, 00:24
Quick Introduction To #Asp.NetCore And It’s Features

Twitter January 15, 00:22
How To Configure #PerformancePoint Services To Use Secure Store In #SharePoint 2013

Twitter January 15, 00:21
How To Block Or Disable #Office365 Services

Follow us @SharePointPals
Note: For Customization and Configuration, CheckOutRecent Tweets Documentation