Search Results :

×

SAML Single Sign-On (SSO) For Shopify Using ADFS as Identity Provider


ADFS Single Sign-On (SSO) for Shopify store, miniOrange provides a ready-to-use solution. This solution ensures that you are ready to roll out secure access to the Shopify store using ADFS within minutes.

Pre-requisite: Single Sign-On - SSO Application

To configure Shopify SSO with ADFS as IDP, you will need to install the miniOrange Single Sign On - SSO Login Application on your Shopify store:

miniOrange Provides Secure Single Sign-On (SSO) access to your Shopify store(both plus and Non-plus Stores).


Step by Step guide for Configuring ADFS as IDP for SSO into Shopify

1.  Configuring miniOrange as Service Provider (SP) in ADFS

  • On ADFS, search for the ADFS Management application.
  • Shopify ADFS SSO - Shopify ADFS Login - adfs management
  • After opening the ADFS Management, select Relying Party Trust and then click on Add Relying Party Trust.
  • Shopify ADFS SSO - Shopify ADFS Login - relying party trust
  • Select Claims Aware from the Relying Party Trust Wizard and click on the Start button.
  • Shopify ADFS SSO - Shopify ADFS Login - click on start

Select Data Source

  • In Select Data Source, select the data source for adding a relying party trust.
  • Now go to your Shopify store and navigate to the App section and click on Single Sign On - SSO login application.
  • Shopify ADFS SSO - Shopify ADFS Login - SHopify SSO Application
  • Click on the Setup IDP button in the left navigation bar.
  • Shopify ADFS SSO - Shopify ADFS Login - setup IDP in Shopify
  • Click on Configure SSO >> Add Identity Provider.
  • Shopify ADFS SSO - Shopify ADFS Login - configure sso
  • Select SAML protocol. Now click on the Click here link to get miniOrange metadata as shown in the Screen below.
  • Shopify ADFS SSO - Shopify ADFS Login - saml protocol in shopify
  • Under SP - INITIATED SSO section, do the following:

  • Copy the Metadata URL as shown in the below image.
  • Shopify ADFS SSO - Shopify ADFS Login - metadata URL ADFS
  • Select Import data about the relying party published online or on the local network option and add the metadata URL in the Federation metadata address.
  • Click on Next.
  • Shopify ADFS SSO - Shopify ADFS Login - import data

    Note: In the next step enter the desired Display Name and click Next.


Choose Access Control Policy

  • Select Permit everyone as an Access Control Policy & click on Next.
  • Shopify ADFS SSO - Shopify ADFS Login - permit everyone

Ready to Add Trust

  • In Ready to Add Trust, click on Next and then Close.
  • Shopify ADFS SSO - Shopify ADFS Login - add trust

Edit Claim Issuance Policy

  • In the list of Relying Party Trust, select the application you created and click on Edit Claim Issuance Policy.
  • Shopify ADFS SSO - Shopify ADFS Login - clain issuance policy
  • In the Issuance Transform Rule tab, click on Add Rule >> OK button.
  • Shopify ADFS SSO - Shopify ADFS Login - add rule

Choose Rule Type

  • Select Send LDAP Attributes as Claims and click on Next.
  • Shopify ADFS SSO - Shopify ADFS Login - Send LDAP attributes

Configure Claim Rule

  • Enter the following details & click on Finish.
  • Claim rule name: Attributes
    Attribute Store: Active Directory
    LDAP Attribute: E-Mail-Addresses
    Outgoing Claim Type: Name ID

    Shopify ADFS SSO - Shopify ADFS Login - Configure claim rule
You have successfully configured ADFS as SAML IDP (Identity Provider) for achieving Shopify ADFS Single Sign-On (SSO) log in by exchanging the metadata between ADFS and Shopify by creating a Relying party trust with miniOrange.

2.  Configure ADFS as Identity Provider (IDP) in miniOrange

  • Now go to your Shopify store and click on the Setup IDP button in the top left in the navigation bar.

    Shopify ADFS SSO - Shopify ADFS Login - go to store
  • From the left navigation bar select Configure SSO.

    Shopify ADFS SSO - Shopify ADFS Login - configure sso
  • Select SAML. Click on Import IDP metadata.

    Shopify ADFS SSO - Shopify ADFS Login - import IDP metadata
  • Choose the appropriate IDP name. Browse for the file downloaded in Step 1.
  • Click on Import.

    Shopify ADFS SSO - Shopify ADFS Login - IDP name
  • As shown in the below screen the IDP Entity ID, SAML SSO Login URL, and x.509 Certificate will be filled from the file imported.

    Shopify ADFS SSO - Shopify ADFS Login - Metadata details
  • Click on Save.

3.  Test Connection

  • Go to Configure SSO tab.
  • Click on the Select >> Test Connection option against the Identity Provider you configured.
  • Shopify ADFS SSO - Shopify ADFS Login - test connection
  • On entering valid ADFS credentials you will see a pop-up window as shown in the below screen.
  • Shopify ADFS SSO - Shopify ADFS Login - ADFS credentials
Hence your configuration of ADFS as IDP in miniOrange is completed.

Choose your preferred Identity Provider and start setting up SSO for Shopify right away


Additional Resources


If you are looking for anything which you cannot find, please drop us an email on shopifysupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com