Pre-requisite : Single Sign On - SSO Login Application

To configure SSO into Shopify with Active Directory, you will need to install the miniOrange Shopify Single Sign On - SSO Login Application on your store

Step by Step guide for Single Sign-On in Shopify Store Using LDAP Active Directory

1. Setup Active Directory in Shopify

• Go to your Shopify store, click on the Apps tab and select the Single Sign On - SSO Login application.

• Click on the Setup IDP button in the top left in the navigation bar.

• From the left navigation bar select User Stores menu option and click on Add User Store button.

• Navigate to AD/LDAP tab and choose either of the following two options:
• STORE LDAP CONFIGURATION IN MINIORANGE: Choose this option if you want to keep your configuration in miniOrange. If active directory is behind a firewall, you will need to open the firewall to allow incoming requests to your AD.
• STORE LDAP CONFIGURATION ON PREMISE: Choose this option if you want to keep your configuration in your premise and only allow access to AD inside premises. You will have to download and install miniOrange gateway in your premise.
  
  
  
  
• Now, fill in the required details like .

Directory Type:	Active Directory.
LDAP Server URL:	Select an appropriate prefiller followed by your AD server URL or IP address
Bind Account DN:	UserPrincipalName/distinguishedName of the account eligible for binding operation.
Bind Account Password:	Password for the account used for binding
Search Bases:	Provide distinguished name of the Search Base object Eg:cn=User,dc=domain,dc=com
Search Filter:	Search filters enable you to define search criteria and provide a more efficient and effective searches. Eg: "(&(objectClass=*)(cn=?))"

• Select Active Directory from the Directory Drop Down. On basis of your selection all the attributes related to active directory are automatically mapped in the configuration.

• Go to AD FS-> Domain-> respective Users -> Properties-> Attribute Editor. Now copy the value of distinguishedName and paste it against Bind Account DN.

• Enter the valid password for the user from above step.
• Search Base is a user search location. It means where to search for a user.

• If you want to add extra conditions on user search you can add it in Search Filter. Select a suitable Search Filter from the Drop-Down. To use custom Search Filter select "Custom Search Filter" option and provide the search filter in the input field that shows up.

• Click on Save. After this, it will show you the list of User stores. Click on Test Configuration to check whether you have enter valid details. For that, it will ask for username and password.

• On Successful connection with LDAP Server, a success message is shown.

• Click on Test Attribute Mapping.

• Enter a valid Username. Then, click on Test. Mapped Attributes corresponding to the user are fetched.

2. Testing SSO for your Shopify Store

• Go to your Shopify Store login page.(https://<your-shopify-storedomain>/account/login)
• Click on the login button you customized earlier.

• You’ll be redirected to the login page of the Active Directory you configured in previous step. Log in with your Active Directory account credentials.
• You’ll be successfully logged in to your Shopify store.

You have successfully configured Active Directory for your Shopify Store.

Choose your preferred Identity Provider and start setting up SSO for Shopify right away

Additional Resources

• Shopify Security Solutions
• Shopify Single Sign-On (SSO)
• Shopify Two Factor Authentication
• Shopify Single Sign-On (SSO) using Azure B2C
• Shopify Secure Admin Login

If you are looking for anything which you cannot find, please drop us an email on shopifysupport@xecurify.com