„HTTPResponseCode forbidden“ when using Office Web Apps 2013 with SharePoint 2013 over http

November 20, 2012 · 1 min read

It should be a security best practice to use Office Web Apps 2013 over https only. But just in case you want to use http (e.g. for a demo environment) you have to enable oAuthOverHTTP for your SharePoint 2013 Farm. Enter the following commands on your SharePoint Management Shell (not on the Web Apps Server):

$config = (Get-SPSecurityTokenServiceConfig)
$config.AllowOAuthOverHttp = $true