Search Results :

×
Sign Up Contact Us

Contents

Setup Single Sign-On (SSO) into Shopify Store using API Authentication

The application programming interface (API) is the interface through which users can request access to protected resources. They must be equipped to ensure that applications and clients attempting to access data are authentic before proceeding to authorized full access once identity is confirmed. When a user tries to log in to a Shopify store with his existing credentials (username and password) stored in the application userbase, the miniOrange single sign-on (SSO) login app makes an API call to the user’s database for authentication, and his credentials are checked against the application user base. The user is granted access to the store if the response received from the application userbase is successful otherwise, access is denied. You can use this method to integrate Single Sign-On (SSO) into your Shopify Store, allowing users to authenticate via your user authentication API and allow access to the Shopify store.

API Authentication in Shopify

Consider a Company (Company A) has its users stored in the company database which is connected to their JAVA or any other tech stack application. They have API-based authentication for allowing the users to get logged in. The company has opened a Shopify store and they want to integrate SSO into the Shopify store. They don't know whether they need to integrate APIs in Store. SSO Application is a solution to their problem. The users can SSO into the store using their existing credentials present in the Company Database and if they are successfully authenticated then they will get logged in.

To configure Shopify SSO using API Authentication, you will need to install the miniOrange Shopify Single Sign-On - SSO Login Application on your store.


Youtube-color Created with Sketch.

Check out our video, to know more about how Single-Sign-On works in Shopify.

Follow the step-by-step guide to configure Single Sign-On in Shopify store using API authentication.

  • Go to your Shopify store and navigate to the App section and click on Single Sign-On (SSO) application.
shopify app section - single sign on application

  • Click on the Add identity Provider button.
Shopify API Authentication - Add identity provider

  • Select SSO protocol or authentication mechanism as User Store.
Shopify API Authentication - Select User Store

    • Select API as your identity provider (IdP).
    Shopify API Authentication - Select API

    • Provide an identity provider name.
    • Under the Authentication Configuration section, paste the User Authentication URL that you copied in step 1 above.
    • You can pass API key via two different methods i.e. Request Header or Request Body.
    • Via Request Body

    In this method, The API key is sent as "Authorization_key" via request header. You can refer to the example below.

    • Provide the Header Name Authorization_key and its value i.e. Value of your API key that you copied in step 1.
    • Select the Method as GET.
    • Provide the Authentication Parameters as:
      Authentication Parameters {
      "username":"##username##",
      "password":"##password##"
      }
      Note: Extra parameters can be sent in the Authentication parameters section if required. These parameters are added in the format "parameter-name":"parameter-value".
    shopify - api authentication with api key in header

    • Provide the Status field’s value as status and Status Message field’s value as message.

      Status Name of field in the server response that contains the status code
      Status Message Name of the field that gives the description of the status in the response

    In this method, The API key is sent as "api_key" parameter in the POST body as JSON.

    To configure your provider to send API key as a field in request body, you can refer below.

    • In the headers section, provide the Header Name Content-Type and its value application/json.
      (The content-type in the header specifies what type of data is actually sent in the request. Some examples of Content-type can be: application/json; text/html; charset=UTF-8; multipart/form-data; text/plain, etc.)
    • Select the Method as POST.
    • Provide the Authentication Parameters as:
      Authentication Parameters {
      "api_key":"value",
      "username":"##username##",
      "password":"##password##"
      }       		Put the API key value that you copied in step 1 in place of 'value'.
      Note: Extra parameters can be sent in the Authentication parameters section if required. These parameters can be added as fields in request body in the format "parameter-name":"parameter-value".

    Shopify authentication via api - source authentication parameters

    • Provide the Status field’s value as status and Status Message field’s value as message.
      Status Name of field in the server response that contains the status code
      Status Message Name of the field that gives the description of the status in the response
    • (Optional) You can configure User Profile Mapping and Metafield Based Mapping.
    authentication via api into shopify - attribute mapping section
    • Click on the Save.
    • To test the connection, select the user store you just added and click on Test Authorization API.
    shopify api authentication - test authorization api

    • Enter your credentials when prompted and you should be able to see a success message.
    shopify single sign on - test success window

    • Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
    • Click on the login button you customized earlier.
    select project google oauth provider

    • You’ll be redirected to the login page of the IDP you configured in previous step. Log in with your IDP account credentials.
    • You’ll be successfully logged in to your Shopify store.

    Hence you have successfully configured Shopify Single Sign-On (SSO) using API Authentication.


    Auto-Redirect to IDP

    Auto-Redirect users to the IDP's login page when they try to access the Shopify store.
    Protect Complete Store with SSO

    Restrict store access to logged-in users and redirect others to the password page.
    Single Logout Endpoint (SLO)

    End the user's session in the store and IdP when they log out from any connected platform

    Users session extension

    Extend user sessions beyond 24 hours, ensuring longer access without compromising security.
    Email Domain Based Restrictions

    Restrict user logins based on configured email domains, allowing or denying access accordingly.
    Auto Tagging (After SSO)

    Assign tags to users after SSO login for streamlined management and personalized experiences.
    More FAQs ➔

    Follow the steps outlined here to configure SSO in Shopify with your preferred IDP.

    Redirection to any other site might be blocked in the browser. Please follow the steps given here to resolve the issue.

    Follow the steps outlined here to redirect your customer to collections/cart or any other page.

    You must upgrade to the SSO application’s Enterprise plan to enable the Auto-Redirect to the IDP feature. Follow the steps outlined here to enable this feature.


    Please reach out to us at shopifysupport@xecurify.com, and our team will assist you with setting up the Shopify SSO application. Our team will help you to select the best suitable solution/plan as per your requirement.

    ADFS_sso ×
    Hello there!

    Need Help? We are right here!

    support