miniOrange allows Azure B2C to act as an IDP (Identity Provider), which allows users to Single Sign-On (SSO) into Shopify using Azure B2C Credentials. Our application is compatible with all the SAML / OAuth compliant Identity
Providers. We will go through a step-by-step guide to configure Single Sign-On (SSO) into Shopify using Azure B2C as IdP (Identity Provider) and Shopify store as SP (Service Provider).
Pre-requisite : Single Sign On - SSO Login Application
To configure SSO into Shopify with Azure B2C as IDP, you will need to install the miniOrange Shopify Single Sign On - SSO Login Application on your store:
miniOrange Provides Secure Single Sign-On (SSO) access to your Shopify store (both plus and Non plus).
Step by Step guide for Single Sign-On in Shopify Store Using Azure B2C
1. Setup Azure B2C as OAuth Provider
- Sign in to Azure portal.
- Go to Home and in the Azure services, select Azure B2C.
- Please make sure you are in the Azure AD B2C directory with an active subscription and if not, you can switch to the correct directory.
- Now, click on App registrations and then click on the New registration option to create a new Azure B2C application.
- Configure the following options to create a new application.
- Enter a name for your application under the Name text field.
- In supported account types, select 3rd option ‘Accounts in any identity provider or organizational
directory (for authenticating users with user flows)’.
- Go to your Shopify store, click on the Apps tab and select the Single Sign On - SSO Login application.
- Click on the Setup IDP button in the top left in the navigation bar.
- From the left navigation bar select Configure SSO and click on Add Identity provider button.
- You can find the OAuth callback URL in the OAuth 2.0 section.
- Click on the Register button to create your application.
- After successful application creation, you will be redirected to the newly created application’s overview page. If not, you can go to the app registrations and search the name of your application and you will find your application in the list.
- Copy your Application ID and save it under your Client ID textbox in your Shopify Single Sign-On (SSO) Login application.
- For the Azure B2C tenant, copy the domain name under Essentials in the home page and save it. We will require it later.
- Then click on Certificates and secrets and then click on New client secret to generate a client secret. Enter a description and click on the Add button.
- Copy the secret value from certificates & secrets page and store it as a Client
secret in your Shopify Single Sign-On (SSO) Login application.
1.1 Add Users in your B2C application
- In home page, go to the Users tab in the left corner.
- Click on New user in the users page.
- Select Create Azure AD B2C user. Then, click on Email from sign in method and set your password and click create to save the user details to perform test configuration.
1.2 How to create & add Policy
- Go to User Flows tab and then click on New user flow.
- Select a User flow type Sign up and Sign in then click on Create button.
- Fill all the information e.g. Name, Identity providers, etc. then click on Create button.
- Copy the policy name value. This will be required while configuring authorize and token endpoints.
1.3 Add user claims to your application
- Go to user flows under policies in the left corner. Select the configured policy.
- Select Application claims in settings.
- Select the desired attributes to be displayed on the test configuration and save it.
- Go to Application → Select the application and go to the API Permissions tab.
- Click on the Add permission button, and then Microsoft Graph API -> Delegated
Permissions and select openid, Profile scope and click on the Add
Permissions button.
- Click on the Grant consent for Demo button.
- Go to Manifest tab and find groupMembershipClaims and changes it’s value to
"All" and click on the save button.
1.4 Endpoints
-
Go to Application registrations -> Endpoints.
-
In token and authorization endpoints URl, replace <policy-name> with your configured policy name.
You have successfully configured Azure AD B2C as OAuth Provider for achieving user authentication with Azure
AD B2C Single Sign-On (SSO) login into your Shopify Store.
2. Configure Azure B2C as OAuth 2.0 Provider in Shopify.
3. Testing SSO for your Shopify Store
- Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
- Click on the login button you customized earlier.
- You’ll be redirected to the login page of the IDP you configured in previous step. Log in with your IDP account credentials.
- You’ll be successfully logged in to your Shopify store.
In this Guide, you have successfully configured Azure AD B2C Single Sign-On (SSO) by configuring Azure AD B2C
as OAuth Provider and Shopify as OAuth Client using our Shopify Single Sign-On - SSO Login App. This solution ensures that you are ready to roll out secure access to your Shopify Store using Azure AD B2C login credentials
within minutes.
Choose your preferred Identity Provider and start setting up SSO for Shopify right away
Additional Resources
If you are looking for anything which you cannot find, please drop us an email on shopifysupport@xecurify.com