Friends don’t let friends use Claims Based Authentication

How to recognize if your site admin is using (claims-based authentication)

This one’s pretty easy – as soon as you enable claims-based authentication in SharePoint 2010, it attaches a coded ID to all the usernames that looks like this: i:0#.w|contosousername. This coded ID looks like a weird error to the uninitiated, but not to you – oh no! You know what it all means and are able to decrypt it using the following handy-dandy decoder ring:

Claims Based Authentication

* Thanks to Joris Poelmans’ slideshow: Claim Based Authentication in SharePoint 2010 for Community Day 2011,

Take it easy, man… claims are fun!

From what I’ve been able to learn about it, claims-based authentication has some interesting possibilities that make it worth exploring but has a few major gotchas. For instance, once you’ve transitioned to claims-based authentication, it’s a one-way street – there’s no going back.


Basically, as with any technology changes, if it’s set up properly it has a lot of new and shiny things that you can do – if set up incorrectly, it will cause a lot of headaches and will have you either blowing your application away and re-creating it, or restoring from your latest backup.

One thought on “Friends don’t let friends use Claims Based Authentication

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.