SSS in SharePoint

Microsoft SharePoint Server 2013 provides a default feature of Secure Store Service (SSS) which has replaced the Single Sign-On (SSO) service, a feature of Microsoft office SharePoint Server 2007 for the storage and mapping of credentials for use in connecting with third-party or back-end systems. Many companies have already developed an in-house credential storage system or use a solution other than Microsoft Secure Store Service (SSS).


In SharePoint Server 2013, Secure Store helps to provide access to SQL server data meaning the data outside SharePoint Server 2013. However it allows a business intelligence service application to access data on behalf of a SharePoint Server 2013 user who is attempting to access that data which called 'impersonation'. Secure Store provides mapping between BI services applications, users, and credentials that specifies which users will be allowed to access the BI service application to access data in using impersonation.


Sequence of events occurs as follows:

  • A SharePoint Server 2013 user accesses a data-connected object such as an Excel Services worksheet, Visio Services diagram, or PerformancePoint Services dashboard.
  • The Business Intelligence Service Application accesses the target application specified by the object.
  • If the user is a Member of that target application, the credentials stored in the target application are returned and the Business Intelligence Service Application impersonates the credentials while accessing the data.
  • The data is displayed to the user within the context of the worksheet, Visio diagram, or dashboard.

Replacing the default SSO Provider, SpsSsoProvider, in SharePoint Server 2013 involves implementing the Microsoft.SharePoint.Portal.SingleSignOn.ISsoProvider, installing it into the global assembly cache, and registering the new SSO provider with SharePoint Server 2013.


At any time, you can only register a single SSO Provider for SharePoint Server 2013. Registering a new SSO Provider replaces SpsSsoProvider in SharePoint Server 2013. The implementation requires careful analysis and review of pluggable SSO based on the scenario required by your organization. 


Please contact us to discuss your specific scenario and we will be happy to help you provide our consultation for the most efficient deployment.​ You may drop your inquiry at info@bitscape.com