Credentials are stored in Secure store by “Target Applications“.
A target application maps the credentials of a user, group, or claim to a set of encrypted credentials that are stored in the Secure Store database. Once you create a target application, you can associate it with any external content type or application model, or use it with a Business Intelligence Service Application such as Excel Services or Visio Services to provide access to an external data source.
This is how it works:
When SharePoint Server calls out loud for Target application, secure store listens to it and checks the authorization the server has. Then it unlocks and gives the server credentials from secure store. Server can then use this to access the target application without any issue.
Lets see how to create a target application:
Target applications are configured on the Secure Store Service Application page in Central Administration.
- Go to Central Administration, and in the Application Management section, click Manage service applications.
2. Select on Secure Store Service and click on Manage
3. Create new Key if not created earlier on. This key should be remembered forever and would be better if you can note it down somewhere in your server itself. Click on Generate New Key on the menu bar and type in the passphrase twice.
3. Once you save this passpharse you will be led to this screen where the “New” button will be enabled.
4. Enter all the below information and create a target application.
- Target Application ID: This is the unique string that you will use externally to identify this target application.
- Display Name: type a text string that will be used to display the identifier of the target application in the user interface.
- Contact Email: type the e-mail address of the primary contact for this target application
- Target Application Type: Select Individual or Individual Ticket or Individual Restricted or Group or Group Ticket or Group Restricted. If the credentials needs to be given on an individual basis then select individual or if it can be per group, then select Group type.
- Target Application Page URL: Select Default Page or Custom Page. Custom page needs URL to be specified.
5. Click on Next and specify the credentials that you will be storing in. There are a few that you can store but by default Windows User Name and Windows Password will be added. You can click Add Field and add either
Clicking on next button will ask you for administrators for this target application and finally clicking again on next will end the process of creating a target application.
The last step would be to set credentials for the target application and you would be able to use the target application from then.
Setting up credentials for Target Application:
1. Right Click on TargetOne and select “Set Credentials”.
2. Enter the Owner and windows user id and password in the next page and click ok to save.
And the target application is completely created and ready to be used.