Shopify Single Sign-On (SSO) – Shopify SSO Integration
Shopify Single Sign-On SSO - Login
application by miniOrange allows users to SSO into your Shopify
Store (Plus & Non plus). Configure SSO with integration protocols such as SAML 2.0, OAuth
2.0, OpenID Connect, JWT, LDAP, API authentication, etc. for different IDPs like Okta, ADFS, Azure AD, Azure
B2C, Onelogin, AWS Cognito, GSuite/Google Apps,
etc. or any Custom Identity provider along with MFA features.
Select your Identity provider and start setting Single Sign-On
(SSO) for your Shopify store within minutes.
Get the Setup guide to configure Single Sign-On with your IDP
Pre-requisite : Single Sign On - SSO Application
To configure SSO with Apple as IDP, you will need to install the miniOrange Single Sign On - SSO Application on your Shopify store:
miniOrange Provides Secure Single Sign-On (SSO) access to your Shopify applications(both plus and Non plus Stores).
Step-by-Step Guide for configuring Shopify Single Sign On (SSO) App
1. Configure IDP for enabling SSO
-
Go to your Shopify store and navigate to App section and click on Single Sign On - SSO
login application.
- Click on Setup IDP button in the left navigation bar.
- In the right upper corner, select Add Identity Provider.
- Select protocol which you want to use for SSO from SAML,OAuth2.0, OpenID, CAS, Radius, LDAP etc.
2. Setup SSO into Shopify Store
- Select SAML
- Click on the Click here link to get miniOrange metadata from Shopify SSO application. This metadata will be required while configuring SAML IDP
- After clicking on the Click here button, two flows will be displayed: SP - INITIATED SSO and IDP - INITIATED SSO. For SP - INITIATED SSO, either Metadata URL can be copied or Metadata details can be individually copied for further configuration. Follow any one of the following steps to keep the miniOrange metadata.
- Here Metadata details are shown by selecting the Show Metadata Details option.
- Go to the developers console of your preferred IDP.
- Create a new Application.
- Select SAML protocol for this newly created Application.
- Enter Metadata URL or paste the individual Metadata details of miniOrange generated in Step 1.
- Save the configurations.
- Get the following data from your IDP:
- Create a user in your IDP with which you are looking for SSO into Shopify.
- Go back to your Shopify Store. In miniOrange Single Sign On - SSO Application, click on Setup IDP
- Go to Configure SSO -> Add Identity provider. Select SAML.
- Enter the IDP Name of your choice.
- Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) from your IDP.
- Or you can directly upload an XML file containing relative information.
- Leave the other configurations and checkboxes as it is.
- After filling these fields click on the “Save” button to save the details.
- Go to the Configure SSO tab.
- Click on Select->Test Connection option against the Identity Provider you configured.
- After entering the correct credentials of the user present in your IDP, you will get a successful test connection screen.
- We support all standard IDPs like Okta, Azure AD, Keycloak, ADFS, Onelogin, Google Apps, Salesforce, Ping Identity, etc. and Custom IDPs too.
2.1. Getting Metadata details from Shopify
2.2. Configuring your IDP with miniOrange SP
I. IdP Entity ID
II. SAML Login URL
III. Logout URL
IV. SAML X.509 Certificate
2.3. Set up SAML IDP in Shopify SSO Application
2.4. Test Connection
3. Attribute Mapping
This feature can be used to map user attributes coming from Identity Provider into your Shopify store customer profile.
- Go to Single Sign On - SSO Application from Admin Dashboard.
- Scroll down to Attribute Mapping Section.
- Enter the attributes values or 'keys' like email, firstname, lastname, etc from your Identity provider to map them into your store’s customer profile.
- Save your configurations.
4. Domain Mapping
- If your primary domain is different than your Shopify domain then add your primary domain URL in the Domain settings section of Single Sign On - SSO Application.
- Save your configurations.
Note: Remove “https:” and slashes from the URL while adding it here.
5. Configuration on Shopify Store Admin Page
- Go to your Shopify store admin page.
- In the left section, click on the Online Store and select Preferences.
- Scroll down to the Spam Protection section and uncheck the second option "Enable Google reCAPTCHA on login, create account and password recovery pages"
- Save your changes.
6. Testing IDP configuration
- Go to you Shopify Store login page.
- Click on login button you customized earlier.
- You’ll be redirected to login page of IDP you configured earlier. Enter your account credentials
- You’ll be successfully login to your shopify store.
7. Restrict Complete Store to logged-in users
If you want to restrict Shopify Store to only logged-in users please follow the below steps and If you want to allow SSO only from the /account/login page you can skip this step.
Prerequisite : You should have enabled password protection on your shopify store
- You need to get a storefront_digest cookie for configuring the complete store with OTP Verification. Right click on your keyboard and click on Inspect option.
- Now navigate to Application section and then select Cookie option in left menu. Select your store and search for Storefront_digest. Copy this Value.
- Paste the storefront_digest cookie value in the store access cookie section as shown below and then click on the Save button.
- Now go to https://< your-store-domain >/password and click on Enter using Password in the top right corner. After that click on the Login widget to initiate the SSO.
Additional Resources
- Shopify Single Sign On
- Shopify Security Solutions
- Shopify Two Factor Authentication
- Shopify Single Sign-On (SSO) using Okta
If you don't find what you are looking for, please contact us at shopifysupport@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about Shopify Single Sign-On (SSO).
×
![ADFS_sso]()
Trending searches:
Hello there!
Need Help? We are right here!
