How can we Authentication users into Shopify using PingOne as Identity Provider?

miniOrange allows PingOne to act as an IDP (Identity Provider), which allows users to Single Sign-On (SSO) into Shopify using PingOne Credentials. Our application is compatible with all the SAML / OAuth compliant Identity Providers. We will go through a step-by-step guide to configure Single Sign-On (SSO) into Shopify using PingOne as IdP (Identity Provider) and Shopify store as SP (Service Provider).

Pre-requisite : Single Sign On - SSO Application

To configure SSO with PingOne as IDP, you will need to install the miniOrange Single Sign On - SSO Application on your Shopify store:

Step by Step guide for Configuring PingOne as IDP for SSO into Shopify

1.  Configuring miniOrange as Service Provider (SP) in PingOne

• Log in to PingOne Admin.
• Go to Application >> Add Application. Click on New SAML Application.



• Enter the application details and click on Continue to Next Step.
  Application Name, Application Description, and Category are required fields. For logos and icons, PNG is the only supported graphics format.


• For Basic SAML configuration you need to get the Entity ID, ACS URL and Single logout URL from Shopify.
• Now go to your Shopify store and click on Setup IDP button in the top left in navigation bar.



• From the left navigation bar select Identity Provider. Click on Add Identity Provider.



• Click on the Click here link to get miniOrange metadata as shown in screen below.



• For SP - Initiated SSO section select show Metadata Details.


• Enter the values in the SAML configuration as shown in below table.
  
  

  Audience (EntityID)	Entity ID or Issuer
  ACS URL	ACS URL
  Single Logout URL	Single Logout URL



• You can also upload the metadata in the option given on this step.


• After the SP metadata is filled in, please download the SAML metadata from here(refer above image) and click on Continue to Next Step.
• You can view or edit the claims sent in the SAML token to the application on this step.



• Click on Continue to Next Step to assign groups else click on Save & Exit to save the settings.

2.  Configuring PingOne as Identity Provider (IDP) in Shopify

• Go to your Shopify store and click on Setup IDP button in the top left in navigation bar.


• From the left navigation bar select Identity Provider. Click on Add Identity Provider.



• Select SAML. Click on Import IDP metadata.


• Enter IDP name and and browse for the file downloaded in step 1 . Click on Import.
• If you don't have metadata file, you can also provide the details manually. You need to configure following endpoints:
  
  

  IDP Entity ID	Entity ID of IDP
  Single Login URL	Login Url from IDP
  Single Logout URL	Logout Url from IDP
  X.509 Certificate	The public key certificate of your IDP



• Click on Save.

3.   Test Connection

• Go to Identity Providers tab.
• Click on Select >> Test Connection option against the Identity Provider you configured.
  
  
  
  
  
• Hence you have successfully configured Shopify Single Sign-On (SSO) using PingOne as IDP and miniOrange as SP using miniorange Single Sign-On (SSO) login application. This solution ensures that you are ready to roll out secure access to your Shopify store using PingOne login credentials within minutes.

Choose your preferred Identity Provider and start setting up SSO for Shopify right away

Additional Resources

• Single Sign-On (SSO) for Shopify
• Shopify Two Factor Authentication
• Shopify Single Sign-On (SSO) using Azure B2C
• Shopify Single Sign-On (SSO) using Okta

If you are looking for anything which you cannot find, please drop us an email on shopifysupport@xecurify.com.