Search Results :

×

Configure SSO into your Applications using Shopify Store Credentials

Configure SSO into your Applications using Shopify Store Credentials


Users can sign in to your Shopify Store using their Shopify Store login credentials when using the Shopify Store as IDP Application. Once a user has logged in to one Store, they can access other applications, including the Shopify store, with a single click - there is no need to log in or sign up again. You can map any user profile attribute to your Application for a login experience that uses their current Shopify Store credentials if desired. Users can use their store credentials to log into any application that supports SAML, OAuth, JWT, or API authentication methods.


Get the Setup guide to configure Single Sign-On into your application using Shopify as IDP


Pre-requisite : Shopify Store as IDP - Application

To configure SSO into your application with Shopify as IDP, you will need to install the miniOrange Store as IDP - SSO Login Application on your store

miniOrange Provides Secure Single Sign-On (SSO) access to your application using Shopify Store as IDP.

Step-by-Step Guide for Configuring Shopify as an Identity Provider (IDP) Application

1. Install and Setup Application

  • Go to your Shopify App Store and search for miniOrange. Now click on the Store as IDP-SSO Login to Apps application.
  • Click on the Install button to install the applciation on your Shopify store.
  • Accept the recurring charges shown by our App. After that you’ll be automatically redirected to the Application home page. In case you are not auto-redirected, follow the step given below.
  • Go to your Shopify store, click on Apps tab and select Store as IDP-SSO login application.
  • Shopify Single Sign-On (SSO) in wordpress oauth provider
  • Enter Primary Domain of your Shopify store in Domain Settings section of the application. After that click on Save.

2. Configure Application in Store as IDP application

  • Click on the Setup Application button in the left navigation bar.

Note: If you are redirected to the login page instead of the application dashboard after clicking the setup application button, try opening the application in the Chrome browser or contact us at shopifysupport@xeurify.com.

  • From the left navigation bar select Apps and click on Add Application button.
  • Select the protocol which your Application support in which you want to integrate SSO through Shopify as Identity Provider

Configure Single Sign-On (SSO) Settings for SAML Apps:

  • Click on the SAML tab and search for your Application.
  • If you can't find your application in the below list then select Custom APP and you can also submit your app request to add the application as a pre-integrated app.
  • Once you select the Custom App option, you will find a window similar to:
  • Either you can Copy Paste all the attributes of Service Provider (SP), Or you can directly upload an XML file containing relative information.
  • To upload the file, follow these steps: Click on Import SP Metadata button.
  • You will get a popup with following options.
  • Here is the description of what each field means (present on the app configuration window).

    SP Entity ID SP Entity ID is used to identify your app against the SAML request received from SP. Make sure the SP Entity ID or Issuer is in this format: httpss://www.domain-name.com/a/[domain_name]/acs.
    ACS URL Assertion Consumer Service URL defines where the SAML Assertion should be sent after authentication. Make sure the ACS URL is in the format: httpss://www.domain-name.com/a/[domain_name]/acs.
    Single Logout URL Single Logout URL defines where the user should be redirected after receiving the logout request from SP. You can mention your applications logout page URL here. Make sure the Single Logout URL is in the format: httpss://mail.domain-name.com/a/out/tld/?logout.
    Audience URI Audience URI, as the name suggests, specifies the valid audience for SAML Assertion. It is usually the same as SP Entity ID. If Audience URI is not specified separately by SP, leave it blank.
    NameID NameID defines what SP is expecting in the subject element of SAML Assertion. Generally, NameID is Username of Email Address
  • NameID Format defines the format of subject element content, i.e. NameID. For example, Email Address NameID Format defines that the NameID is in the form of an email address, specifically “addr-spec”. An addr-spec has the form local-part@domain, has no phrase (such as a common name) before it, has no comment (text surrounded in parentheses) after it, and is not surrounded by “<” and “>”. If NameID Format is not externally specified by SP, leave it unspecified.
  • You can Add Attributes to be sent in SAML Assertion to SP. The attributes include user’s profile attributes such as first name, last name, fullname, username, email, custom profile attributes, and user groups, etc.
  • The next section on the same window is for adding a policy for your app.
  • Select a Group Name as Default for making Shopify as Identity Provider.
  • Give a policy name for Custom App in Policy Name.
  • Select the Login Method as Password for using Shopify as Identity Provider
  • Click on Save button to add a policy for Apps (Single Sign-On).

Configure Service Provider (SP)

  • Now navigate to Select >> Metadata option against your configured applciation.
  • Now click on Show Metadata Details under INFORMATION REQUIRED TO AUTHENTICATE VIA EXTERNAL IDPS section. Copy down these data as they will be used in configuring Shopify as SP in your IDP.

You have successfully completed Shopify side configuration.

3. Restrict access to specific users

  • Navigate to Additional Settings section and enable the Attribute Blocking feature.
  • Click on the + button. Enter the Attribute Name (for example: email) and Attribute Value. Select the Condition and click on Save.

4. Test the Single Sign On

  • Initiate Single Sign On (SSO) from the configured Application.
  • It will redirect you to Shopify Store Login Page if user is not already logged in to store.
  • Enter Your Shopify Store customer credentials.
  • After Successful authentication you’ll be redirected back to configured Application and you’ll be logged in.


Free Trial

If you don't find what you are looking for, please contact us at shopifysupport@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about Shopify Single Sign-On (SSO).

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com