• Home
• App Integrations
• BigCommerce Auth0 Single Sign-On

Auth0 Single Sign-On (SSO) login for BigCommerce Store can be achieved by integrating miniOrange as Service Provider & Auth0 as SAML IDP (Identity Provider). Users can seamlessly access their BigCommerce Store along with other cloud apps/websites using existing Auth0 credentials. This allows organizations to securely access their BigCommerce Store and easily manage user access without migrating the users from the existing system. One-stop solution for - Centralized Management & Storage of customer data, Store to Store sync, Order status notification, Social login —> for your BigCommerce Store.

With BigCommerce SSO & CIAM features, you can:

• Enable your users to automatically log into BigCommerce.
• Provide extra layer of security on your BigCommerce store with 2-Factor Authentication (OTP over SMS/Email).
• Connect easily with any external identity source like Azure AD, Auth0, AWS Cognito, OKTA, etc.

Verified Technology Partner of BigCommerce

SSO + MFA Support for any BigCommerce Plan (Standard, Plus, Pro, Enterprise)

Prerequisites

• Log into miniOrange Admin Console.
• Click on Customization in the left menu of the dashboard.
• In Basic Settings, set your company domain in Organization Name textfield.
• Click Save. Once that is set, the branded login URL would be of the format https://<company_domain>.xecurify.com/moas/login

Follow the step-by-step guide given below for BigCommerce Single Sign-On (SSO)

1. Configure miniOrange as Service Provider (SP) in Auth0

• Log in to your Auth0 SSO Application Dashboard.
• Click on Applications.



• Click on Create Application.



• A new window will pop-up. Enter a name for the application and select Regular Web App. Click on CREATE button.



• Select the Addons tab.



• Enable SAML2 option in the addons. It will open up a Configuration window.



• Enter Application Callback URL, Audience, Recipient and other settings using SP entity ID and ACS URL copied from the plugin as shown below:



• Scroll down and click on Save.



• Go to the Usage tab and click on the Identity Provider Metadata download link. It will download the metadata XML file which you'll need for setting up the SAML plugin.

2. Configure Auth0 as Identity Provider (IDP) in miniOrange

• Go to miniOrange Admin Console .
• From the left navigation bar select Identity Provider.
• Click on Add Identity Provider button.



• Select SAML. Click on Import IDP metadata.



• Enter Auth0 as IDP name and and browse for the file downloaded in step 1. Click on Import.
• If you don't have metadata file, you can also provide the details manually. You need to configure following endpoints:

IDP Entity ID	Entity ID of IDP
Single Login URL	Login Url from IDP
Single Logout URL	Logout Url from IDP
X.509 Certificate	The public key certificate of your IDP.

• Few other optional features that can be added to the Identity Provider(IDP) are listed in the table below:

Domain Mapping	Can be used to redirect specific domain user to specific IDP
Show IdP to Users	Enable this if you want to show this IDP to all users during Login
Send Configured Attributes	Enabling this would allow you to add attributes to be sent from IDP

• BigCommerce requires some attributes from Auth0. Therefore, we have to enable the send configured attributes toggle to add the following attributes.



• Click on Save.
• Navigate back to View Identity Providers page.
• Click on select against the configured IDP and select Make Default.

3. Test Auth0 IDP Connection

• Go to Identity Providers tab.
• Click on Select>>Test Connection option against the Auth0 Identity Provider you configured.



• On entering valid IDP credentials you will see Test Successful pop-up window as shown in the below screenshot.



• Hence your configuration of Auth0 as IDP in miniOrange is successfully completed.

4. Create your application in miniOrange

4.1. Create BigCommerce API

• Log in to BigCommerce Admin Panel.
• Go to the Settings from the menu, scroll down and select API Accounts.



• Click on Create API Account and choose Create V2/V3 API Token option from the menu shown.
• Add a suitable name for your API account.
• API Path will be used as the store_hash value when we configure BigCommerce in miniOrange which will require in step2.



• Enable the Customers option as Modify and Customers Login option as login. Keep rest of the settings as it is.
• Click on Save.



• Download the API credentials file. It contains the API token, Client ID and Client Secret.

4.2. Configure BigCommerce in miniOrange

• Login into miniOrange Admin Console.
• Go to Apps Click on Add Application button.



• In Choose Application Type click on Create App button in JWT application type.



• In the next step, search for BigCommerce application from the list and click on it.



• Enter the following values in the respective fields.
1. Custom Application Name [Required] : BigCommerce (According to your choice)
2. Description : According to your choice
3. Redirect-URL [Required] : Storefront URL, e.g. https://{{my-store}}.mybigcommerce.com/login/token/
4. Logout-URL : https://{{my-store}}.mybigcommerce.com
5. Force Authentication : Enable if you want user to authenticate even if the user has a session
6. Primary IDP : The identity source against which user will be authenticated
7. User Mapping : Enable if you are sending the logged-in user from this app in the response



1. Group Name : Default
2. Policy Name : Add policy name according to your Preference
3. Login Method : Password



• Click on Save.
• For Attribute Mapping, navigate to Select >> Edit next to your configured application.



• If you are using an external IDP, jump to the below steps to set up external IDP.
  
• If you are using miniOrange as an IDP:
  • Enter the Client Id, App Secret and Access Token (which we have downloaded from step 1 during API creation in BigCommerce Console).
  • For Signature Algorithm, select HS-256 from the dropdown menu.
  • Set Subject to E-Mail Address.
  
  
  
  • To map the attributes between the miniOrange IDP and BigCommerce application, click on Attributes + button.
  • The first three attributes will be hard-coded values.

  Attribute Name	Attribute Value
  store_hash	You got in this step.
  redirect_to	Endpoint where you wish to redirect the user to after sso. [Homepage or account page e.g. /account.php]
  operation	customer_login

  
  
  
  
  • Click on Save.
  • Now, You can access BigCommerce Account Using IDP credentials through the Single-sign-on URL as shown in image above.
• If you are using an external IDP:
  • Enter the Client Id, App Secret and Access Token (which we have downloaded from step 1 during API creation in BigCommerce Console).
  • For Signature Algorithm, select HS-256 from the dropdown menu.
  • Set Subject to E-Mail Address.
  
  
  
  • You need to map the following attributes coming in from the idp by choosing the external IDP option.
  
  
  
  • Click on Save.
  • Now, You can access BigCommerce Account Using IDP credentials through the Single-sign-on URL as shown in image above.
• Now, You can access BigCommerce Account Using Auth0 credentials through the Single-sign-on URL as shown in image above.

Frequently Asked Questions