Step by Step guide for Configuring Okta as IDP for SSO into Shopify

1.  Configure miniOrange as SP in Okta

• Log in to Okta.

  Note: Switch to Classic UI from Developer Console, by selecting the Admin from the upper right corner then Developer Console > Classic UI

• In Okta Developer site, navigate to Applications > Add Application or use following URL https://okta-domain-name/admin/apps/add-app
  
  


• Click on Create New App. A popup with sign on methods is shown. Select SAML 2.0 & click on Create
  
  
• Add appropriate App name then click Next.
  
  
  
  
• For the above SAML configuration you need to get the Entity ID and ACS URLfrom miniOrange
• Now go to your Shopify store and click on Setup IDP button in the top left in navigation bar.
  
  
• Now click on the Click here link to get miniorange metadata as shown in Screen below.
  
  
• For SP - INITIATED SSO section Select Show Metadata Details.
  
  
• Enter the values in basic SAML configuration as shown in below screen.
  
  

  Single sign on URL	ACS URL
  Audience URI (SP Entity ID)	Entity ID or Issuer

• Add Attribute Statement & Group Attribute Statement if required & click on Next.
• Select Okta Configuration type & click on finish.
• Navigate to Assigmment tab from Okta. Click on Assign & select Assign to People. Select the user from the popup & click on Done. You can also assign groups if required.
  
  
  
  

2.   Configure Okta as IDP in miniOrange

• Now go to your Shopify store and click on Setup IDP button in the top left in navigation bar.
  
  
• From the left navigation bar select Identity Provider and SelectSAML.
  
  
• Now navigate to Sign on tab from Okta & select View Setup Instructions. After View Setup Instructions it will open new tab which contains Single Sign-On URL, Identity Provider Issuer & X.509 Certificate copy these data. These data is required for adding Identity Source in miniOrange.
  
  
• Enter appropriate IdP Name. Also add following details
  

  IdP Entity ID	Identity Provider Issuer from Okta
  SAML SSO Login URL	Identity Provider Single Sign-On URL from Okta
  X.509 Certificate	X.509 Certificate from Okta



• Few other optional features that can be added to the Identity Provider(IDP) are listed in the table below:
  

  Domain Mapping	Can be used to redirect specific domain user to specific IDP
  Show IdP to Users	Enable this if you want to show this IDP to all users during Login
  Send Configured Attributes	Enabling this would allow you to add attributes to be sent from IDP

• Click on save.

3.   Test Connection

• Go to Identity Providers tab.
• Click on Select>>Test Connection option against the Identity Provider you configured.
  
  
  
  
• On entering valid Okta credentials you will see a pop-up window which as shown in below screen.
  
  
• Hence your configuration of Okta as IDP in miniOrange is sucesssfully completed.

Choose your preferred Identity Provider and start setting up SSO for Shopify right away

Additional Resources

• About Shopify
• Facebook Social Login For Shopify
• Google Social Login For Shopify
• Apple Social Login For Shopify
• More on Social Login

If you are looking for anything which you cannot find, please drop us an email on socialloginsupport@xecurify.com