SSO into Shopify using Facebook as IDP (OAuth) | Shopify Facebook SSO

Overview

Shopify integration with Facebook allow your customers to login to the store using facebook as an identity provider. Here the Facebook works as an OAuth provider for Shopify SSO application using miniOrange as an Identity Broker. In this guide we will see how to implement Facebook Single Sign-On (SSO) solution on your Shopify store in the easiest way.

Our solution also supports advanced features such as user profile attribute mapping and role mapping, making it a breeze to manage user access. In this guide, we’ll walk you through how to configure Facebook SSO for user authentication in Shopify. By the end, your users will be able to log in securely and access your Shopify store with their Facebook credentials.

Want to explore more features of the Shopify Single Sign-On app? Click here to learn more.

Add Application Pricing Plans

Pre-requisites : Download And Installation

• To Setup SSO into Shopify store using Facebook as IDP (OAuth), you will need to add Shopify Single Sign-On (SSO) application on your Store.

Configuration Steps

Step 1: Get Callback URL (Redirect URI) from Shopify

• Go to your Shopify store & navigate to the App section and click on Single Sign On - SSO login application.

• Click on the Add Identity Provider button to add your IDP.

• Select OAuth 2.0 protocol.

• Now choose Facebook from the list of IDPs.

• Copy the OAuth Callback URL and keep it handy as it will be used in further steps.

You have successfully obtained the Callback URL (Redirect URI) from Shopify.

Step 2: Setup Facebook as OAuth Provider

• To get started, Go to Facebook developers console click here and sign up/Login with your facebook developer account.

• Go to the Facebook Developers apps page and click the Create App button to add new app.

• Then choose the Allow people to log in with their Facebook account option as use case and then click Next.

• Enter the App Name and Add Contact Email for your Facebook app respectively then click on Create App button to save your settings.

• Go to App Settings -> Basic to view your App Id and App Secret. The App ID is your Client ID and the App Secret is your Client Secret, keep these values handy as you will need them later to configure the Shopify Single Sign-On SSO application (Refer to the images below).
• App Domain: Write your website’s domain there.
• Privacy Policy URL: Fill in this box with the URL liked to your website’s privacy policy page.
• Terms of Service: Fill in this box with the URL linked to your website’s terms of service page.
• User Data Deletion: From the drop down, select Data Deletion Instruction URL (Enter the URL of your page with the instructions on how users can delete their accounts on your site).
• Choose a Category from the dropdown in the Category field and pick the App Purpose option that describes your App the best, then press Save Changes to save your configurations.

• Now scroll down and click on Add Platform button. Select the Website option as you are trying to integrate your Facebook Login with a website. Click on Next.

• Next, enter your Shopify Store URL (store.xecurify.com) and click Save. Then, click Continue.

• Click on the Use cases tab on the left side and then click on the Customize button that appears next to the Authentication and account creation item.

• Below the Permissions section, find the email permission and click on the Add button.
• By default, your application only has Standard Access for the “public_profile” and “email” permissions, which means that only you can log in with it. To get Advanced Access you will need to go trough the Business Verification, that you can start on the Verification tab on the left side.

• Under the Facebook Login >> settings section click on Go to settings button to add the Redirect/Callback URL (from Step 1).

• Into the Valid OAuth redirect URIs field add the Redirect/Callback URL which you will get from the Shopify Single Sign-On (SSO) application. Click on Save changes button.

• Currently your app is in Development Mode which also means that people outside of your business can not use it. Once your verification is completed, click on the Go live tab and publish your app by clicking on the Go live button at the bottom right corner. Before you press it, it is recommended to check the steps listed on the “Go live” page, if you configured everything properly.

You have successfully configured Shopify as Service Provider into Facebook Application.

Step 3: Configure Facebook as IDP in Shopify

• Navigate back to the Shopify Single Sign On-SSO application and fill in the required details like Client ID, Client Secret, Endpoints, and Scope.
• Please refer to the below table for configuring the values.

App Name:	Facebook
Client ID:	From Step 2
Client Secret:	From Step 2
Authorize Endpoint:	https://www.facebook.com/dialog/oauth
Access Token Endpoint:	https://graph.facebook.com/v2.8/oauth/access_token
Get User Info Endpoint:	https://graph.facebook.com/me/?fields=id,name,email,age_range,first_name,gender,last_name,link
Scope:	public_profile email

• Click on Next.

You have now completed the configuration for Facebook as IDP (OAuth) into your Shopify SSO Application.

Step 4: Test Connection

• After saving the IDP configuration, you will be redirected to the Test Connection step. Perform a test connection before mapping or fetching attributes, a test connection ensures that your IDP configuration is correct.
• Click on the Test Connection button.

• If you encounter an "invalid or missing reCAPTCHA token" error accompanied by a "Something went wrong" message, refer to this FAQ to resolve the error.



• Else, you’ll be redirected to the login page of the IDP you configured in previous step. Log in with your IDP account credentials.

• Click on the Fetch Attributes to fetch the IDP attribute.

Step 5: Attribute Mapping

• Click on the + Attribute Mapping button to map attributes between Shopify and your IDP.

• Map the attributes by referring the table below:

Attribute Name in Shopify	Choose the attribute from the list of predefined attributes
Attribute Type	IDP Attribute
Attribute Value	Select the attribute value you have fetched from your IDP

• Click on Save.
• Navigate to the application home page. Click More actions against the configured IDP, and click on Make Default to set your IDP as default.

Step 6: Enable SSO Login Button (In case of Shopify legacy accounts only)

Note: This step applies only to Shopify legacy accounts and not Shopify customer accounts.

• Navigate to the Enable SSO Button section.
• The following button attributes can be customized: button text, text below SSO button, background color, text color, width, and height.

• By default, the “Enable SSO Button” option is in enabled state.
• If it is not, enable it first, then click the Enable Extension button, as shown in the image below.

• Enable the SSO Login Widget IDP extension.
• You will see the Login with miniOrange button added to your Shopify store.
• Click on Save

Step 7: Enable & Test SSO Configurations

Select Shopify Store Type:

Non-Plus Store

Plus Store

SSO Configuration in Non-Plus Shopify Stores

Choose the type of account you have enabled on your Shopify Store:

Customer Accounts

Legacy Customer Accounts

• Navigate to the Advanced Settings section and then go to Customer Accounts. Enable the Customer Accounts SSO option as shown in the below image and then click on the clicking here link to enable the extension.

• Enable the Customer Accounts extension and click on Save.

• Navigate to the application home page. Go to More actions against the IDP you have configured and click on the Make Default button to make the IDP default.

Testing Single Sign-On (SSO) for your Shopify store

• Go to your Shopify Store.(https://<your-shopify-storedomain>)
• Click on the User login icon.

• You’ll be redirected to the login page of the identity provider (IDP) you configured in the previous step. Log in with your IDP account credentials.
• Next, enter the six-digit OTP that will be sent to your registered email address. (This is a one-time process)

• You’ll be successfully logged in to your Shopify store.

Note: In case of Shopify Non-Plus store (legacy customer accounts) no additional configurations is required. Follow the steps provided below to complete the SSO setup between your IDP and Shopify.

• Navigate to the application home page. Go to More actions against the IDP you have configured and click on the Make Default button to make the IDP default.

Testing Single Sign-On (SSO) for your Shopify store

• Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
• Click on the login button you customized earlier.

• You'll be redirected to the identity provider (IDP) login page. Now log in with your existing account credentials.

• After login, if you encounter an "invalid or missing reCAPTCHA token" error, accompanied by a "Something went wrong" message, refer to this FAQ to resolve the error.

SSO Configuration in Plus Shopify Stores

Choose the type of account you have enabled on your Shopify Store:

Customer Accounts

Legacy Customer Accounts

• Go back to the SSO application, and navigate to Connect Store tab. Copy the Client ID, Client Secret, Post-Logout Redirect URL and Discovery Endpoint URL and keep them handy.

• Click on the Customer Accounts link as shown in the below image.

• Select the Customer accounts option recommended by Shopify & look for the Identity Provider option, if not present please reach out to shopifysupport@xecurify.com.

• If the identity provider is present, click on Manage.

• Click on Connect to Provider button.

• Add the Identity Provider name and fill in the details such as Discovery endpoint URL, Client ID, Client secret, Additional Scopes, Post-logout redirect URI parameter that you copied from above step. Click on Save.

• Once the Identity Provider has been added, do the Test Connection.

• After verifying the flow make the identity provider as Active.

• Navigate to the application home page. Go to More actions against the IDP you have configured and click on the Make Default button to make the IDP default.

Testing Single Sign-On (SSO) for your Shopify store

• Go to your Shopify Store.(https://<your-shopify-storedomain>)
• Click on the User login icon.

• You’ll be redirected to the login page of the identity provider (IDP) you configured in the previous step. Log in with your IDP account credentials.

• You’ll be successfully logged in to your Shopify store.

• Now, click on the Setup Guide button and follow the steps mentioned to get multipass token.

• Enable the Multipass Token option and paste the value copied from above in the below field.

• Click on Save.

• Navigate to the application home page. Go to More actions against the IDP you have configured and click on the Make Default button to make the IDP default.

Testing Single Sign-On (SSO) for your Shopify store

• Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
• Click on the login button you customized earlier.

• You'll be redirected to the identity provider (IDP) login page. Now log in with your existing account credentials.

• If you encounter an "invalid or missing reCAPTCHA token" error, accompanied by a "Something went wrong" message, refer to this FAQ to resolve the error.

• You’ll be successfully logged in to your Shopify store.

Hence you have configured Shopify Single Sign-On (SSO) using Facebook as IDP and Shopify as a Service Provider. using the Shopify Single Sign-On (SSO) login application. This solution ensures that you are ready to roll out secure access to your Shopify store using Facebook login credentials within minutes.

Additional Resources

• Shopify Security Solutions
• Shopify Single Sign-On (SSO)
• Shopify Content Restriction
• Shopify Order and SMS Notifications
• Two Factor Authentication (2FA) for Shopify

Get in Touch

Please reach out to us at shopifysupport@xecurify.com, and our team will assist you with setting up the Shopify SSO application. Our team will help you to select the best suitable solution/plan as per your requirement.