Sunday, May 6, 2012

Configure the Secure Store Service in SharePoint 2010

The Secure Store Service is a claims-aware authorization service that includes a secure database for storing credentials. These credentials usually consist of a username and password but can also contain other fields. The stored credentials can then be used to connect to external systems such as SQL Server, BCS, etc.

The first time you access the Secure Store Service, it will ask you to generate a new encryption key. This key is used to encrypt and decrypt the credentials stored in the Secure Store.

Generate new encryption key
Open the Central Administration site.
Go to Application Management > Service Applications > Manage Service Applications.
Select Secure Store Service and click Manage in the Ribbon.
In the Ribbon, click "Generate New Key". Enter a Pass Phrase and click OK.

The next step is to create a Target Application. A Target Application maps a user or group to a set of encrypted credentials stored in the Secure Store.

Create Target Application
Click "New" in the Ribbon under the "Manage Target Application" group.
"Target Application ID": A unique string that identifies the target application.
"Display Name": The display name of the target application.
"Email": The email address of the primary contact for the target application.
"Target Application Type": A drop-down list from which you choose the target application type. There are two primary types:
  • Group, for mapping all the members of one or more groups to a single set of credentials on the external data source.
  • Individual, for mapping each user to a unique set of credentials on the external data source.
Click Next.
On this screen we can define the fields that will be supplied to the external source. By default, two fields are listed: "Windows User Name" and "Windows Password".

Click Next.
Specify the Target Application Administrators and click OK.

If you chose Individual as the Target Application Type, users can add their own credentials using the default page
http://{your site url}/_layouts/SecureStoreSetCredentials.aspx?TargetAppId={TargetApplicationID}, where {TargetApplicationID} is the string typed in the "Target Application ID" box.
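
The key generation and Target Application steps above can also be scripted from the SharePoint 2010 Management Shell, which keeps the pass phrase out of script files and makes the setup repeatable. This is an added example, not part of the original post; the site URL, Target Application ID, contact email and administrator account are placeholder assumptions, and it assumes the farm has a single Secure Store proxy.

```powershell
# Added example: run in the SharePoint 2010 Management Shell as a farm administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Placeholder values (assumptions); replace with your own.
$siteUrl     = "http://sharepoint.example.local"
$targetAppId = "ExampleTargetApp"
$adminLogin  = "EXAMPLE\ssadmin"

# Locate the Secure Store service application proxy (assumes exactly one in the farm).
$proxy = Get-SPServiceApplicationProxy |
    Where-Object { $_.TypeName -like "Secure Store*" } |
    Select-Object -First 1

# First-time setup only: generate the encryption key.
# The pass phrase is prompted for so it is never written into the script;
# the cmdlet takes a plain string, so it is unwrapped only for this one call.
$secure = Read-Host "Secure Store pass phrase" -AsSecureString
$plain  = (New-Object System.Management.Automation.PSCredential("unused", $secure)).GetNetworkCredential().Password
Update-SPSecureStoreMasterKey -ServiceApplicationProxy $proxy -Passphrase $plain
Remove-Variable plain

# Target Application: ID, display name, contact email and type, as in the wizard.
$targetApp = New-SPSecureStoreTargetApplication -Name $targetAppId `
    -FriendlyName "Example Target Application" `
    -ContactEmail "owner@example.local" `
    -ApplicationType Individual

# The two default fields; the password field is masked in the UI.
$userField = New-SPSecureStoreApplicationField -Name "Windows User Name" -Type WindowsUserName -Masked:$false
$passField = New-SPSecureStoreApplicationField -Name "Windows Password"  -Type WindowsPassword -Masked:$true

# Target Application Administrators: keep this to the accounts that must manage it.
$admin = New-SPClaimsPrincipal -Identity $adminLogin -IdentityType WindowsSamAccountName

New-SPSecureStoreApplication -ServiceContext $siteUrl `
    -TargetApplication $targetApp `
    -Fields $userField, $passField `
    -Administrator $admin

# Page where each user sets their own credentials for an Individual application.
"$siteUrl/_layouts/SecureStoreSetCredentials.aspx?TargetAppId=$targetAppId"
```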

1 comment:

  1. Anmol, thank you for this post. I have one question. Where do we get the target application name from? Is it something we make up or do we get it from another source, like an Excel file name or data connection name? Best regards.

