Search Results :

×
Sign Up Contact Us

Contents

SAML Single Sign-On (SSO) For Shopify Using miniOrange as Identity Provider

miniOrange acts as an Identity Provider (IdP), allowing users to perform Single Sign-On (SSO) into Shopify, using their miniOrange credentials. This setup ensures that your customers, employees, or B2B partners can log in to your Shopify store securely without needing separate credentials.

The solution supports both new Shopify Customer Accounts and classic/legacy accounts, works with Shopify Plus and non-Plus stores, and is ideal for B2B, wholesale, and multi-store business scenarios. With miniOrange as your central IdP, you gain enterprise-grade authentication, MFA, adaptive access policies, and centralized identity management for your Shopify storefront.

Install App button Install App Pricing Plans button Pricing Plans button Pricing Plans
  • Log in to your Shopify Admin.
  • Go to AppsShopify App Store
  • Search for miniOrange Single Sign-On – SSO
  • Click Install to add the app to your store
  • Open the app from Apps to start miniOrange SAML SSO configuration
  • Go to your Shopify store and navigate to the App section and click on Single Sign On - SSO login application.
Shopify miniOrange SSO - Application

  • Click on the Add identity Provider button to add your IDP.
Shopify miniOrange SSO - Add New Identity Provider

  • Select SAML protocol.
Shopify miniOrange SSO - Select SAML Protocol

  • From the list of identity providers (IDPs), select miniOrange as your identity provider.
Shopify miniOrange SSO - Select miniOrange as Identity Provider

  • Click on the Get metadata button, as shown on the screen below, to get the service provider metadata.
Shopify miniOrange SSO - Get SP Metadata
  • Navigate to SP Initiated Metadata section and copy the SP Initiated Metadata URL. Keep it handly as it will be used in furthur steps.
Shopify miniOrange SSO - Copy SP Metadata

  • Go to miniOrange Admin console https://login.xecurify.com/moas/login and login with your miniOrange credentials.
  • From the left menu, under the Configure section click on the Apps >> Add Application.
Shopify miniOrange SSO - Add Application

  • In the search apps textbox, type Custom SAML App. Click on the Custom SAML App application.
Shopify miniOrange SSO - Custom SAML Application

  • Click on Import SP metdata.
Shopify miniOrange SSO - Import SP Metadata

  • Provide appropriate App Name and paste the metadata URL copied from Step 1. Click on Import.
Shopify miniOrange SSO - Shopify Metadata

  • Click on Save.
  • Now Click on Select >> Metadata tab of currently configured application to get the identity provider (IDP) metadata.
Shopify miniOrange SSO - Metadata Under Select Option

Identity Provider (IDP) Metadata:

  • If you are setting miniOrange as the IDP, go to the Metadata tab, select miniOrange as IDP, and copy the Metadata URL as shown in the image below.
  • If you are using an external source as the IDP, select the External Source as IDP tab and copy the Metadata URL.
  • Keep this URL handy, as it will be required in further steps.
Shopify miniOrange SSO - miniOrange as IDP

You have completed miniOrange side configuration.

  • Navigate back to the miniOrange Single Sign On-SSO application and click on Add identity Provider button.
Shopify miniOrange SSO - Application

  • Click on the Add identity Provider button to add your IDP.
Shopify miniOrange SSO - Add New Identity Provider

  • Select SAML protocol.
Shopify miniOrange SSO - Select SAML Protocol

  • From the list of identity providers (IDPs), select miniOrange.
Shopify miniOrange SSO - Select miniOrange as Identity Provider

  • Click on the Import IDP Metadata button.
Shopify miniOrange SSO - Import IDP Metadata

  • Select the upload method as Metadata Link. Paste the copied XML file link from Step 2 and Click on Import.
Shopify miniOrange SSO - Metadata Link

  • Add the appropriate identity provider (IDP) Name and click on Save.
Shopify miniOrange SSO - Provide IDP Name

  • After saving the identity provider configuration, you will be redirected to the Test Connection step.
    Please perform Test Connection before mapping or fetching attributes, test connection ensures that your IDP configuration is correct.
  • Click on the Test Connection button.
Shopify miniOrange SSO - Test Connection

  • On entering valid miniOrange credentials you will see a pop-up window which is shown in the below screen.
Shopify miniOrange SSO - Connection Success

  • Click on the Fetch Attributes button to fetch the IDP attribute.
Shopify miniOrange SSO - Fetch Attributes

  • Click on the + Attribute Mapping button to map attributes between Shopify and miniOrange.
Shopify miniOrange SSO - Add New Mapping

  • Map the attributes by referring to the table below:
Attribute Name in Shopify Choose the attribute from the list of predefined attributes
Attribute Type IDP Attribute
Attribute Value Select the attribute value you have fetched from your IDP
Shopify miniOrange SSO - Attribute Mapping Configurations

  • Click on Next.

Select Shopify Store Type:

SSO Configuration in Non-Plus Shopify Stores

Choose the type of account you have enabled on your Shopify Store:

Note: If you’re using a password-protected store or working on a Shopify development store, click here to set up the storefront digest cookie so SSO can work on your store.

  • Go to the application dashboard, enable the customer accounts extension as shown in the below image.
Shopify SSO Login - Enable Customer

  • Enable the New Customer Accounts extension and click on Save.
Shopify SSO Login - Enable /wp-content/uploads/2025/05/shopify-sso-paste-multipass-token.webps

  • Navigate to the application home page and enable the IDP Login toggle option against the IDP you have configured.
Shopify SSO Login - Make app default

Allow Only SSO Users to Complete Checkout - Restrict Others

This feature allows only users who log in via Single Sign-On (SSO) to complete the checkout process. Other users will be blocked from proceeding with checkout.

  • Navigate to Settings.
    • Shopify SSO Login - Navigate to Settings

  • Open the Checkout section.
    • Shopify SSO Login - Open Shopify Checkout

  • Scroll downwards, in the checkout rules section, click on Add rule.
    • Shopify SSO Login - Add Checkout Rule

  • Click on SSO Checkout Validation.
    • Shopify SSO Login - SSO Checkout Validation

  • Deselect the "Allow all customers to complete checkout" option, and click on Save.
    • Shopify SSO Login - Deselect Allow All Customers to Complete Checkout

  • Now, you can Turn on the checkout rule.
    • Shopify SSO Login - Turn On SSO Checkout Validation

  • If you attempt to checkout without performing SSO, an error will appear as shown below.
    • Shopify SSO Login - SSO Checkout Validation Error

Testing Single Sign-On (SSO) for your Shopify store

  • Go to your Shopify Store.(https://<your-shopify-storedomain>)
  • Click on the User login icon.
SSO Login into Store - Shopify miniOrange SSO

  • You’ll be redirected to the login page of the identity provider (IDP) you configured in the previous step. Log in with your IDP account credentials.
  • Next, enter the six-digit OTP that will be sent to your registered email address. (This is a one-time process)
Shopify miniOrange SSO - 6 Digit OTP customer accounts

  • You’ll be successfully logged in to your Shopify store.
  • Go to the application dashboard, you will see a warning box to add the login button extension on the Account page, click on the login widget extension link as shown in the below image to enable it.
Shopify SSO Login - Make app default

  • Navigate to the application home page and enable the IDP Login toggle option against the IDP you have configured.
Shopify SSO Login - Make app default

  • If you want to configure SSO into Shopify using multiple IDPs, then select your IDP from the list provided here, and setup SSO using that IDP.
  • Enable the IDP login toggle option for enabling SSO into Shopify using multiple IDPs.
Shopify SSO Login - Make app default

Testing Single Sign-On (SSO) for your Shopify store

  • Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
  • Click on the login button you customized earlier.
SSO Login into Store - Shopify miniOrange SSO

  • You'll be redirected to the identity provider (IDP) login page. Now log in with your existing account credentials.
  • After login, if you encounter an "invalid or missing reCAPTCHA token" error, accompanied by a "Something went wrong" message, refer to this FAQ to resolve the error.
Shopify miniOrange SSO - Something went wrong error

SSO Configuration in Plus Shopify Stores

Choose the type of account you have enabled on your Shopify Store:

  • Navigate back to the SSO application, and click on the Connect Store tab.
  • Copy the Discovery Endpoint URL Client ID, Client Secret, Additional Scopes and Post-Logout Redirect URI Parameter and keep them handy.
Shopify SSO Login - Copy Client ID and Secret

  • Click on the Customer Accounts link as shown in the below image.
Shopify SSO Login - Click on Customer Accounts

  • Select the Customer Accounts option as recommended by Shopify. Next, look for the Authentication option and click on Manage.
  • If you do not find the option, please reach out to shopifysupport@xecurify.com for assistance.
Shopify SSO Login - Manage Authentication

  • Click on the Manage Providers button.
Shopify SSO Login - Manage Providers

  • Click on Connect to Provider button.
Shopify SSO Login - Connect to identity provider

  • Add the Identity Provider name and from the Provider dropdown, select Custom or other.
Shopify SSO Login - Add identity provider name

  • Fill in the details such as Discovery endpoint URL, Client ID, Client secret, Additional Scopes, Post-logout redirect URI parameter that you copied from above step. Click on Save.
Shopify SSO Login - Add metadata

  • Once the Identity Provider has been added, do the Test Connection.
Shopify SSO Login - Test Connections

  • After verifying the flow make the identity provider as Active.
Shopify SSO Login - Make identity provider active

  • Navigate to the application home page and enable the IDP Login toggle option against the IDP you have configured.
Shopify SSO Login - Make app default

Testing Single Sign-On (SSO) for your Shopify store

  • Go to your Shopify Store.(https://<your-shopify-storedomain>)
  • Click on the User login icon.
SSO Login into Store - Shopify miniOrange SSO
  • You’ll be redirected to the login page of the identity provider (IDP) you configured in the previous step. Log in with your IDP account credentials.
  • You’ll be successfully logged in to your Shopify store.

Provide Login Using Username & Password

If you want to provide login using username & password along with your login with IDP option for your B2B store, then click here

Shopify Login - With Username and Password

Provide Login Using Email OTP

If you want to provide login using Email OTP along with your login with IDP option for your B2B store, then click here

Shopify Login - With Email OTP
  • Now, click on the Setup Guide button and follow the steps mentioned to get multipass token.
Shopify SSO Login - Get multipass token

  • Enable the Multipass Token option. Refer to this Faq to get the Multipass token value and paste it in the below field.
Shopify SSO Login - Enable multipass token

  • Click on Save.
  • Go to the application dashboard, you will see a warning box to add the login button extension on the Account page, click on the login widget extension link as shown in the below image to enable it.
Shopify SSO Login - Make app default

  • Navigate to the application home page and enable the IDP Login toggle option against the IDP you have configured.
Shopify SSO Login - Make app default

  • If you want to configure SSO into Shopify using multiple IDPs, then select your IDP from the list provided here, and setup SSO using that IDP.
  • Enable the IDP login toggle option for enabling SSO into Shopify using multiple IDPs.
Shopify SSO Login - Make app default

Testing Single Sign-On (SSO) for your Shopify store

  • Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
  • Click on the login button you customized earlier.
SSO Login into Store - Shopify miniOrange SSO

  • You'll be redirected to the identity provider (IDP) login page. Now log in with your existing account credentials.
  • If you encounter an "invalid or missing reCAPTCHA token" error, accompanied by a "Something went wrong" message, refer to this FAQ to resolve the error.
Shopify miniOrange SSO - Something went wrong error

  • You’ll be successfully logged in to your Shopify store.

In this guide, you have configured miniOrange as the Identity Provider (IdP) and Shopify as the Service Provider (SP) using the miniOrange Shopify Single Sign-On (SSO) Login App. With this setup, your users can now enjoy Single Sign-On (SSO) into Shopify using miniOrange credentials, ensuring a secure, seamless, and scalable authentication experience across your Shopify ecosystem.

More FAQs ➔

To access customer login on your Shopify storefront, first check if the account/login button is visible in the navbar. If it is, go directly to the storefront login. If it isn’t, go to Shopify Admin >> Settings >> Customer Accounts. Enable Show login link in the header of the online store and at checkout option.

  • For Legacy Shopify Customer Accounts, click the account/login link or visit /account/login. Then select the miniOrange SSO Login widget above the email and password fields. Enter your miniOrange credentials, and you will be logged in.
  • For Shopify Customer Accounts, click the user icon at the top right of the store. Log in through the redirected miniOrange login page using your credentials. Complete the one-time 6-digit OTP verification to access the store.

For detailed steps, follow the steps provided in the documentation.

After setting up miniOrange SSO for Shopify, you can configure where customers are redirected after they log in. Open the Shopify SSO application for miniOrange and go to More Actions, then Additional Settings. In the Post Login Configurations tab, enter the redirect endpoint you want. For example, use /cart or /collections, but do not include the full URL. If needed, enable the Restrict User SignUp option, then save your configuration. Refer to the instructions for a complete step-by-step guide.

To enable the Auto-Redirect to miniOrange feature, you first need to upgrade the Shopify SSO application for miniOrange to the Enterprise (Scale) plan. Go to Apps, select miniOrange Single Sign-On (SSO), open the Pricing section, and click Upgrade under the Scale Plan.

After upgrading, go to the Global Configurations tab. Enable Auto Redirect to IDP under Store Access Settings. If a warning appears, follow the provided link to enable the required extension. Save your changes. Then choose whether the feature applies to the entire store or just the login page. Finally, click Save to activate Auto-Redirect to miniOrange on your Shopify store.

Follow these guide for detailed setup information.

 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again


ADFS_sso ×
Hello there!

Need Help? We are right here!

support