Search Results :

×

Shopify Single Sign-On (SSO) – Shopify SSO Integration


Pre-requisite : Single Sign On - SSO Application

To configure SSO with Apple as IDP, you will need to install the miniOrange Single Sign On - SSO Application on your Shopify store:

miniOrange Provides Secure Single Sign-On (SSO) access to your Shopify applications(both plus and Non plus Stores).

Step-by-Step Guide for configuring Shopify Single Sign On (SSO) App

1. Configure IDP for enabling SSO

  • Go to your Shopify store and navigate to App section and click on Single Sign On - SSO login application.

    shopify app section - single sign on application
  • Click on Setup IDP button in the left navigation bar.

    Single Sign-On (SSO)for Shopify (Plus and Non Plus), Configure IDP for enabling Single Sign-On (SSO)
  • In the right upper corner, select Add Identity Provider.
  • Shopify Single Sign-On (SSO) - Add Identity Provider
  • Select protocol which you want to use for SSO from SAML,OAuth2.0, OpenID, CAS, Radius, LDAP etc.


2. Setup SSO into Shopify Store


    2.1. Getting Metadata details from Shopify

    • Select SAML
    • Shopify Single Sign-On (SSO) - Select IDP details
    • Click on the Click here link to get miniOrange metadata from Shopify SSO application. This metadata will be required while configuring SAML IDP
    • Shopify Single Sign-On (SSO) - Select IDP details
    • After clicking on the Click here button, two flows will be displayed: SP - INITIATED SSO and IDP - INITIATED SSO. For SP - INITIATED SSO, either Metadata URL can be copied or Metadata details can be individually copied for further configuration. Follow any one of the following steps to keep the miniOrange metadata.
    • Here Metadata details are shown by selecting the Show Metadata Details option.
    • Shopify Single Sign-On (SSO) - Select IDP details

    2.2. Configuring your IDP with miniOrange SP

    • Go to the developers console of your preferred IDP.
    • Create a new Application.
    • Select SAML protocol for this newly created Application.
    • Enter Metadata URL or paste the individual Metadata details of miniOrange generated in Step 1.
    • Save the configurations.
    • Get the following data from your IDP:
    • I. IdP Entity ID
      II. SAML Login URL
      III. Logout URL
      IV. SAML X.509 Certificate

    • Create a user in your IDP with which you are looking for SSO into Shopify.

    2.3. Set up SAML IDP in Shopify SSO Application

    • Go back to your Shopify Store. In miniOrange Single Sign On - SSO Application, click on Setup IDP
    • Shopify Single Sign-On (SSO) - Select IDP details
    • Go to Configure SSO -> Add Identity provider. Select SAML.
    • Shopify Single Sign-On (SSO) - Select IDP details Shopify Single Sign-On (SSO) - Select IDP details
    • Enter the IDP Name of your choice.
    • Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) from your IDP.
    • Or you can directly upload an XML file containing relative information.
    • Shopify Single Sign-On (SSO) - Select IDP details
    • Leave the other configurations and checkboxes as it is.
    • After filling these fields click on the “Save” button to save the details.

    2.4. Test Connection

    • Go to the Configure SSO tab.
    • Click on Select->Test Connection option against the Identity Provider you configured.
    • Shopify Single Sign-On (SSO) - Select IDP details
    • After entering the correct credentials of the user present in your IDP, you will get a successful test connection screen.
    • Shopify Single Sign-On (SSO) - Select IDP details
    • We support all standard IDPs like Okta, Azure AD, Keycloak, ADFS, Onelogin, Google Apps, Salesforce, Ping Identity, etc. and Custom IDPs too.

3. Attribute Mapping

This feature can be used to map user attributes coming from Identity Provider into your Shopify store customer profile.

  • Go to Single Sign On - SSO Application from Admin Dashboard.
  • Scroll down to Attribute Mapping Section.
  • Enter the attributes values or 'keys' like email, firstname, lastname, etc from your Identity provider to map them into your store’s customer profile.
  • Save your configurations.
  • Shopify Single Sign-On (SSO) - Restrict Shopify Store to logged in users

4. Domain Mapping

  • If your primary domain is different than your Shopify domain then add your primary domain URL in the Domain settings section of Single Sign On - SSO Application.
  • Note: Remove “https:” and slashes from the URL while adding it here.

  • Save your configurations.
  • Shopify Single Sign-On (SSO) - Restrict Shopify Store to logged in users

5. Configuration on Shopify Store Admin Page

  • Go to your Shopify store admin page.
  • In the left section, click on the Online Store and select Preferences.
  • Scroll down to the Spam Protection section and uncheck the second option "Enable Google reCAPTCHA on login, create account and password recovery pages"
  • Save your changes.
  • Shopify Single Sign-On (SSO) - Restrict Shopify Store to logged in users

6. Testing IDP configuration

  • Go to you Shopify Store login page.
  • Click on login button you customized earlier.
  • You’ll be redirected to login page of IDP you configured earlier. Enter your account credentials
  • You’ll be successfully login to your shopify store.

7. Restrict Complete Store to logged-in users

If you want to restrict Shopify Store to only logged-in users please follow the below steps and If you want to allow SSO only from the /account/login page you can skip this step.


Prerequisite : You should have enabled password protection on your shopify store


  • You need to get a storefront_digest cookie for configuring the complete store with OTP Verification. Right click on your keyboard and click on Inspect option.
  • Shopify OTP Login - Login with OTP Shopify - storefont figest cookie
  • Now navigate to Application section and then select Cookie option in left menu. Select your store and search for Storefront_digest. Copy this Value.
  • Shopify OTP Login - Login with OTP Shopify - cookie opti
  • Paste the storefront_digest cookie value in the store access cookie section as shown below and then click on the Save button.
  • Shopify Single Sign-On (SSO) - Restrict Shopify Store to logged in users
  • Now go to https://< your-store-domain >/password and click on Enter using Password in the top right corner. After that click on the Login widget to initiate the SSO.
  • Shopify Single Sign-On (SSO) - Restrict Shopify Store to logged in users
Hence you have successfully configured Single Sign-On (SSO) into Shopify store using your application as an Identity Provider.

Additional Resources


Free Trial

If you don't find what you are looking for, please contact us at shopifysupport@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about Shopify Single Sign-On (SSO).

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com