Developing SharePoint Online Solutions
SharePoint Online provides a robust, flexible development surface for developers to create custom solutions, using a core subset of the development options available when developing against SharePoint on-premises.
Last modified: October 17, 2011
Applies to: SharePoint Designer 2010 | SharePoint Foundation 2010 | SharePoint Server 2010
Because SharePoint Online administrators own and administer site collections in SharePoint Online, instead of entire farm installations, the development approach to SharePoint Online is necessarily scoped to the site collection.
Because development in SharePoint Online is scoped to the site-collection level, two developer features form the foundation of creating custom SharePoint Online solutions:
Sandboxed solutions Sandboxed solutions provide a framework for developers to create, and for SharePoint Online administrators to upload and activate, custom code solutions to SharePoint Online. Sandboxed solutions run in an environment that has access to a core subset of the server object model. The sandboxed solutions framework gives developers access to the major objects at and below the site collection level.
In addition, you can use client-side code to access the web services that SharePoint Online makes available and external data sources. Because of this, client-side code is a useful option if you must access either objects beyond those included in sandboxed solutions but that are available through a SharePoint Online web service, or external data.
Figure 1 shows these development options:
Use the server object model available to sandboxes solutions.
Employ the client object model and client-side code to access additional data that is available through the SharePoint web services, or data from external sources.
Notice that the SharePoint Web Part actually runs in SharePoint Online. However, the client-side code it references is downloaded to and executes on the client, employing the SharePoint client object model to connect back to SharePoint Online for data transfer.
For SharePoint Online development, you use the same framework to package and deploy your custom-coded solutions that you would for an on-premises SharePoint installation: the solutions framework. When developing for SharePoint Online, you create a specific type of solution, known as a sandboxed solution. A sandboxed solution enables SharePoint Online administrators to upload their own custom code solutions.
A sandboxed solution works in much the same way as a farm (full-trust) solution. For example, sandboxed solutions enable you to bundle all the components that can be used to extend SharePoint Online into a single new file, which is known as a solution file. A sandboxed solution is a deployable, reusable package that can contain a set of Features, site definitions, and assemblies that apply to sites, and that you can enable or disable individually. You can use the sandboxed solution file to deploy the contents of a Web Part package, including assemblies, class resources, Web Part description (.dwp) files, and other package components.
Sandboxed solutions differ from farm solutions primarily in how they are deployed, and the extent of access they have to the server object model. Sandboxed solutions run in a separate process that has access to a core subset of the server object model. A solution gallery is used to store all sandboxed solutions. In addition, sandboxed solutions are assigned a custom code access security (CAS) policy.
For information about the capabilities and elements that are available for use in sandboxed solutions, CAS policy for sandboxed solutions, and resource monitoring of sandboxed solutions, see Sandboxed Solutions Architecture in SharePoint 2010.
For a list of the server object model types and members available in sandboxed solutions, see Microsoft.SharePoint.dll APIs That Are Available from Sandboxed Solutions.
SharePoint Online Solution Development Process
The following are the basic steps in the process of creating, deploying, and activating a sandboxed solution on SharePoint Online:
Develop and test the solution.
To create or customize SharePoint Online solutions, you must develop the solution on a local computer where SharePoint Server 2010 or SharePoint Foundation 2010 is installed. This includes debugging the solution; you will not be able to debug the solution directly from SharePoint Online.
After you set up your development environment, you can use Visual Studio 2010 to create your sandboxed solutions. As a tool for promoting rapid development of SharePoint solutions, Visual Studio 2010 provides such features as advanced debugging tools, IntelliSense, statement completion, and project templates. Visual Studio 2010 provides a range of specialized templates for creating SharePoint items to include in your sandboxed solutions. In addition, Visual Studio 2010 can open and edit solution package (.wsp) files that are created in SharePoint Designer 2010, enabling designers and developers to tightly collaborate on solutions through a common framework.
For more information about setting up your development environment, including hardware recommendations, operating system and Hyper-V options, and prerequisites, see Setting Up the Development Environment for SharePoint 2010 on Windows Vista, Windows 7, and Windows Server 2008.
For information about how to use and customize Visual Studio 2010 to maximize your efficiency, see Using Visual Studio for SharePoint Development.
Deploy and activate the solution.
After you create and debug your sandboxed solutions on your local computer, you must hand that solution off to your SharePoint Online administrator, if you do not have SharePoint Online administration permissions. The SharePoint Online administrator uploads the solution package (.wsp) file to the Solution Gallery for activation.
For more information, see Deploying a Sandboxed Solution.
To make the solution available to users, you must activate it. If your sandboxed solution package contains a Feature that is scoped to the site collection level, it is activated automatically. Any Feature that is scoped to the site level must be activated on the Manage site features page located at http://servername/site/subsite/_layouts/managefeatures.aspx.
Monitor the activitated solution.
Activated solutions are monitored in terms of the resources they consume. Solution performance can be monitored by using multiple types of measures including CPU execution time, memory consumption, and database query time.
Figure 2 shows the main steps of the sandboxed solution development process for SharePoint Online.
For a reference implementation of a sandboxed solution, see Reference Implementation: The Sandbox Execution Model.
For training on sandboxed solutions, see Sandboxed Solutions on Channel 9.
Additional Solution Restrictions in SharePoint Online
Because it is a multi-tenant environment, when you upload a sandboxed solution to the Solution Gallery, SharePoint Online performs a further round of validation checks, in addition to those performed by on-premise SharePoint installations. A sandboxed solution cannot be activated if it contains code calling any of the following namespaces:
However, you can use the following members from this namespace in your sandboxed solution code:
However, you can use the LayoutKind enumeration in your sandboxed solution code.
However, you can use the following members from this namespace in your sandboxed solution code:
In addition, the following types and members cannot be called from code in a sandboxed solution in SharePoint Online:
Because code written against the client object models runs remotely on the client, it is not subject to the same restrictions as sandboxed solutions, and can, for example, access external data sources.
Figure 3 shows the call and response flow for client object models.
Programs running on the client, and using one of the client object models, can add and remove lists, add, update, and delete list items, modify documents in document libraries, create sites, manage permissions of items, add and remove Web Parts from a page, and much more.
Some supported development areas include:
Site collections and sites
Lists, list items, views, and list schemas
Files and folders
Web, list, and list item property bags
Site templates and site collection operations
Currently, you can only access SharePoint Online content programmatically by using Office ID credentials. You cannot programmatically access SharePoint Online content using users credentials from an on-premise domain, such as those imported using the DirSync tool.
Using the Silverlight Client Object Model in SharePoint Online
You can use Silverlight, and the Silverlight client object model, to create rich, sophisticated applications within SharePoint Online. You can host your Silverlight (.xap) application in its own .aspx page, or in a Web Part. SharePoint Online includes a default Silverlight Web Part, or you can create a custom Web Part as part of a sandboxed solution.
To use the SharePoint Silverlight object model within a Silverlight Web Part, you can create a Silverlight application in Visual Studio 2010, and add your code to the Page class in the default Page.xaml.cs file of your project. After you build your project, upload the project's application package (.xap) file to any document library you choose. Insert a Silverlight Web Part into a Web Parts page and point the URL source of the Web Part to the .xap file's path location in the document library. The Web Part can contain custom properties that are sent to Silverlight via the InitParameters property.
Use forms-based authentication (FBA) to authenticate users against SharePoint Online.
In addition, you can use Visual Studio 2010 to create a single solution (.wsp) file that performs the following actions when deployed and activated:
Deploys a Web Part, based on the default Silverlight Web Part, to host your Silverlight application
Deploys the Silverlight application package (.xap) file, packaged as a module, to the specified document library location
Creates pages, which contain your Web Part embedded in them, in the site pages collection
After the solution is activated, the user can navigate to the created pages and interact with the Web Part hosting the Silverlight application. The application itself can make use of the SharePoint Silverlight object model to access SharePoint Online data remotely, even though it appears to the user to be hosted within SharePoint Online.
Using the ECMAScript Object Model in SharePoint Online
Read More About SharePoint Client Object Models
For a more detailed introduction to the client object models, see Using the SharePoint Foundation 2010 Managed Client Object Model. For detailed technical information and implementation instructions, see the following sections in the SharePoint 2010 SDK:
For information about creating Silverlight client applications, see Using the Silverlight Object Model and How to: Use a SharePoint Project to Deploy a Silverlight Application.
For a reference implementation example of using the SharePoint client object models, see Reference Implementation: Client.
For training on the SharePoint client object models, see Client Object Model on Channel 9.