Single Sign-On in Shopify Store Using Active Directory as Identity Provider

Single Sign-On in Shopify Store Using Active Directory as Identity Provider


Active Directory Single Sign On (SSO) for your Shopify store miniOrange provides a ready to use solution for your Shopify store. This solution ensures that you are ready to roll out secure access to your Shopify Store using Active Directory within minutes.

Pre-requisite : Single Sign On - SSO Login Application

To configure SSO into Shopify with Active Directory, you will need to install the miniOrange Shopify Single Sign On - SSO Login Application on your store

miniOrange Provides Secure Single Sign-On (SSO) access to your Shopify Stores(both plus and Non plus Stores).


Step by Step guide for Single Sign-On in Shopify Store Using LDAP Active Directory

1. Setup Active Directory in Shopify

  • Go to your Shopify store, click on the Apps tab and select the Single Sign On - SSO Login application.
  • shopify app section - single sign on application
  • Click on the Setup IDP button in the top left in the navigation bar.
  • Single Sign-On (SSO)for Shopify (Plus and Non Plus), Configure IDP for enabling Single Sign-On (SSO)
  • From the left navigation bar select User Stores menu option and click on Add User Store button.
  • Shopify Active Directory (AD/LDAP) Integration - choose userstore
  • Navigate to AD/LDAP tab and choose either of the following two options:
    • STORE LDAP CONFIGURATION IN MINIORANGE: Choose this option if you want to keep your configuration in miniOrange. If active directory is behind a firewall, you will need to open the firewall to allow incoming requests to your AD.
    • STORE LDAP CONFIGURATION ON PREMISE: Choose this option if you want to keep your configuration in your premise and only allow access to AD inside premises. You will have to download and install miniOrange gateway in your premise.

      Shopify Active Directory (AD/LDAP) Integration navigate to ad/ldap tab

  • Now, fill in the required details like .
  • Directory Type: Active Directory.
    LDAP Server URL: Select an appropriate prefiller followed by your AD server URL or IP address
    Bind Account DN: UserPrincipalName/distinguishedName of the account eligible for binding operation.
    Bind Account Password: Password for the account used for binding
    Search Bases: Provide distinguished name of the Search Base object Eg:cn=User,dc=domain,dc=com
    Search Filter: Search filters enable you to define search criteria and provide a more efficient and effective searches. Eg: "(&(objectClass=*)(cn=?))"
  • Select Active Directory from the Directory Drop Down. On basis of your selection all the attributes related to active directory are automatically mapped in the configuration.
  • Shopify Active Directory (AD/LDAP) Integration active directory/ldap attributes
  • Go to AD FS-> Domain-> respective Users -> Properties-> Attribute Editor. Now copy the value of distinguishedName and paste it against Bind Account DN.
  • Shopify Active Directory (AD/LDAP) enter Bind Account DN
  • Enter the valid password for the user from above step.
  • Search Base is a user search location. It means where to search for a user.
  • Shopify Active Directory (AD/LDAP) Integration search base
  • If you want to add extra conditions on user search you can add it in Search Filter. Select a suitable Search Filter from the Drop-Down. To use custom Search Filter select "Custom Search Filter" option and provide the search filter in the input field that shows up.
  • Shopify Active Directory (AD/LDAP) Integration search filter
  • Click on Save. After this, it will show you the list of User stores. Click on Test Configuration to check whether you have enter valid details. For that, it will ask for username and password.
  • Shopify Active Directory (AD/LDAP) Integration test ldap connection
  • On Successful connection with LDAP Server, a success message is shown.
  • Shopify Active Directory (AD/LDAP) Integration ldap connection successful
  • Click on Test Attribute Mapping.
  • Shopify Active Directory (AD/LDAP) Integration test ldap
  • Enter a valid Username. Then, click on Test. Mapped Attributes corresponding to the user are fetched.
  • Shopify Active Directory (AD/LDAP) Integration test mapped AD/LDAP attributes

2. Testing SSO for your Shopify Store

  • Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
  • Click on the login button you customized earlier.
  • Shopify Active Directory (AD/LDAP) Integration login button
  • You’ll be redirected to the login page of the Active Directory you configured in previous step. Log in with your Active Directory account credentials.
  • You’ll be successfully logged in to your Shopify store.

You have successfully configured Active Directory for your Shopify Store.

Choose your preferred Identity Provider and start setting up SSO for Shopify right away


Additional Resources


If you are looking for anything which you cannot find, please drop us an email on shopifysupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com