SecurID® Integrations
Microsoft Corporation
SharePoint 2016
Certified: April 26th, 2019
Solution Summary
Use Case
When integrated, Microsoft SharePoint end users must authenticate with RSA SecurID Access to sign in. Microsoft SharePoint can integrate using WS-Fed SSO Agent, RSA Authentication Agent for IIS or RSA Authentication Agent for AD FS. Microsoft SharePoint does not support JIT (just in time) user provisioning.
Integration Types
SSO Agent integrations use SAML 2.0, HFED or WS-Fed technologies to direct users’ web browsers to RSA SecurID Access for authentication. SSO Agents also provide Single Sign-On to other applications using the RSA Application Portal.
RSA Authentication Agent for IIS can be leveraged to secure access to Microsoft SharePoint server. RSA Authentication for IIS supports integration with RSA Authentication Manager. For more information, browse to the RSA Authentication Agent for web - IIS page on RSA link.
RSA Authentication Agent for AD FS can be leveraged to secure access to Microsoft SharePoint by way of AD FS. RSA Authentication Agent for AD FS supports integration with RSA Authentication Manager and RSA Cloud Authentication Service. For more information, browse to the RSA Authentication Agent for Microsoft ADFS page on RSA link.
Note: This guide describes SharePoint integration with RSA SecurID Access using SSO Agent only. For integration using RSA Authentication Agent for IIS or ADFS, refer to corresponding authentication agent related documentation available in the above mentioned links.
Supported Features
This section shows all of the supported features by integration type and by RSA SecurID Access component. Use this information to determine which integration type and which RSA SecurID Access component your deployment will use. The next section in this guide contains the instruction steps for how to integrate RSA SecurID Access with Microsoft SharePoint using SSO Agent.
Microsoft SharePoint integration with RSA Cloud Authentication Service
| Authentication Methods | Authentication API | RADIUS | Relying Party | SSO Agent |
|---|---|---|---|---|
| RSA SecurID | - | - | - |  |
| LDAP Password | - | - | - | |
| Authenticate Approve | - | - | - | |
| Authenticate Tokencode | - | - | - | |
| Device Biometrics | - | - | - | |
| SMS Tokencode | - | - | - | |
| Voice Tokencode | - | - | - | |
| FIDO Token | n/a | n/a | - | |
Microsoft SharePoint integration with RSA Authentication Manager
| Authentication Methods | Authentiaction API | RADIUS | Authentication Agent |
|---|---|---|---|
| RSA SecurID | - | - | |
| On Demand Authentication | - | - | |
| Risk-Based Authentication | n/a | - | |
| Supported |
| - | Not supported |
| n/t | Not yet tested or documented, but may be possible. |
| n/a | Not applicable |
Configuration Summary
This section contains links to the sections that contain instruction steps that show how to integrate Microsoft SharePoint with RSA SecurID Access using SSO Agent.
This document is not intended to suggest optimum installations or configurations. It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and Microsoft SharePoint components must be installed and working prior to the integration.
Links
Certification Details
Date of testing: March 12th,2019
RSA Cloud Authentication Service
Microsoft SharePoint 2016, Windows Server 2019
Known Issues
No known issues
