Pre-requisite : Store as IDP - SSO Login Application

To configure SSO into Drupal site with Shopify store as IDP, you will need to install the miniOrange Store as IDP- SSO Login Application on your store

Steps to configure SAML Single Sign-On (SSO) Login into Drupal site using Shopify store as IDP

1. Get metadata from the Drupal site Service Provider

• Login in your Drupal site’s admin console and click on Extend from the top navigation bar.
• Select the Install new module option to install a new module on your Drupal site.

• Upload the downloaded zip file of the Module and click on the Install button to continue.

• Select Enable newly added modules.

• Scroll down till you find miniOrange SAML Service Provider. Click on the checkbox next to it and click on the Install button to enable the module.

• Click on Configuration from the top navigation bar and Select miniOrange SAML Login Configuration.

• In the miniOrange SAML Service Provider module, navigate to Service Provider Metadata tab. Here, you can find the SP metadata such as SP Entity ID / Issure, SP ACS URL (AssertionConsumerService) and X.509 Certificate which are required to configure the Identity Provider ( Shopify Store ), Copy it and keep it handy.

2. Configure Shopify store as Identity Provider

• Now go to your shopify store, click on Apps tab and select Store as IDP-SSO login application.

• Click on the Setup Application button in the left navigation bar.

• From the left navigation bar select Apps and click on Add Application button.

• Go to SAML tab and search for drupal and select Drupal (SAML).

• Enter the values corresponding to the information from Drupal site. Refer to the table below.

Service Provider Name	Name of your Service Provider.
SP Entity ID or Issuer	Copy and paste the SP-Entity ID from Step 1.
ACS URL	Copy and paste the ACS URL from Step 1.
NameID Format	urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Assertion Signed	Checked

• Click on the Save button to save your configuration.
• Now navigate to Select option and choose Metadata tab.

• Now click on Show Metadata Details under INFORMATION REQUIRED TO AUTHENTICATE VIA EXTERNAL IDPS section. Click on Download Metadata or copy down these data as they will be used in furthur steps.

You have successfully completed Shopify side configuration.

3. Configure Drupal site as Service Provider

• In the miniOrage SAML Service Provider module, go to Service Provider Setup tab of the module. There are two way to configure Drupal SAML Service Provider SSO module:

A. By Uploading IDP Metadata

• Click on Upload IDP Metadata link.
• Click on Upload Metadata File >> Choose File and Select the downloaded file from Step 2. Click on Upload File to fetch your information.


B. Manual Configuartion

• Provide the required data (i.e. Identity Provider Name, Idp Entity ID or Issuer, SAML Login URL, SAML Logout URL and X.509 Certificate ) from your Identity Provider (Shopify store) and click on Save Configuration button to save your configuration.

Identity Provider Name	Enter name of Identity Provider
Idp Entity ID or Issuer	Copy Idp Entity ID / Issuer from Step 2 and paste it.
SAML Login URL	Copy Single Sign On URL from Step 2 and paste it.
SAML Logout URL	Copy Single Sign out URL from Step 2 and paste it.
X.509 Certificate	Copy and Download Signing certificate from Step 2 and paste it.

You have successfully completed Drupal side configuration.

4. Testing SSO for Drupal site

• Go to your Drupal site login page.
• Click on the login button . You’ll be redirected to the login page of the Shopify store.

• Enter your Shopify Store login credential and click on Login. You will be automatically logged in to your Drupal site.

You have successfully configured Shopify as Identity Provider for your Drupal site.