Forum Discussion
SharePoint Brand Center CDN: How does the authentication works
I am evaluating the SharePoint Brand Center & Organization Assets Library. I was looking for some information on how Microsoft protects files uploaded to Private CDN. Public CDNs can be accessed anonymously with the referrer parameter in the request header. However, I couldn't find any technical diagram on the workings of private CDN.
Is there a workflow or HLD that can be shared with us?
Thanks!
4 Replies
It appears that Microsoft has not published a dedicated security diagram specifically for the Office 365 CDN. However, relevant information can be found toward the bottom of the page linked below.
Private origins within the Microsoft 365 CDN provide private access to user content such as SharePoint document libraries, sites and media such as videos. Access to content in private origins is secured with dynamically generated tokens so it can only be accessed by users with permissions to the original document library or storage location. Private origins in the Microsoft 365 CDN can only be used for SharePoint content, and you can only access assets through redirection from your SharePoint environment.
I will present this information to the security team.
Thank You Pankaj for sharing this information!
Hi
maybe you can find the information what you looking for in this article: https://learn.microsoft.com/microsoft-365/enterprise/use-microsoft-365-cdn-with-spo?WT.mc_id=DX-MVP-5004845
Best, Dave
Thank you for sharing this link, Dave. I have already reviewed it and its diagram.
However, our security team requires information regarding the request/response payload and details about the security layer for the CDN, which are not included here.
