Login   Sign Up Contact Us
Hello there!

Need Help? We are right here!
miniOrange Email Support
success

Thanks for your Enquiry.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Azure B2C Single Sign-On (SSO) for BigCommerce

BigCommerce Partner logo

miniOrange provides a ready to use Azure AD B2C solution for BigCommerce. This solution ensures that you are ready to roll out secure access to BigCommerce using Azure ad b2c within minutes. Azure Active Directory B2C provides business-to-customer identity service for your customers to use their preferred local account identities, social or enterprise to get Single Sign-On (SSO) access to your apps and APIs.


Get Free Installation Help


miniOrange offers free help through a consultation call with our System Engineers to Install or Setup BigCommerce SSO solution in your environment with 30-day free trial.

For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you in no time.


Checkout Pricing


Video Setup Guide


Connect with External Source of Users


miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Shibboleth, Ping, Okta, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more.



Prerequisites

  • Log into miniOrange Admin Console.
  • Click on Customization in the left menu of the dashboard.
  • In Basic Settings, set your company domain in Organization Name textfield.
  • Click Save. Once that is set, the branded login URL would be of the format https://<company_domain>.xecurify.com/moas/login
    • 2FA Two-Factor authentication for BigCommerce : setting up branding

Follow the Step-by-Step Guide given below for BigCommerce Single Sign-On (SSO)

1. Configure miniOrange as Service Provider (SP) in Azure B2C

  • Go to your Azure B2C portal page. Click on Applications and then Add.
    • Azure b2c sso Login : azure-b2c-add-application

  • Give a name to your app and toggle ON the Web App and Implicit flow options.
    • Azure b2c sso Login : azure-b2c-app-create

  • To get the Redirect URL:
    • Go to miniOrange Admin Console.
    • From the left navigation bar select Identity Provider.
      • Azure B2C as IDP

    • Copy the Callback URL as Redirect URL required for next step.
      • Azure B2C as IDP

  • Paste the OAuth Callback URL from above step in the Reply URL field.
  • Click on Register.
  • Go to your application. Click on Certificates and secrets.
  • Create New client secret.
    • Azure B2C as IDP

  • Click on Save.
  • Once saved, the generated secret will be revealed.
  • Copy the value as your application's Client Secret.
    • Azure B2C as IDP

  • Go to User Flow and add New User Flow.
    • Azure B2C as IDP

  • Select Sign up and Sign in User Flow type.
    • Azure B2C as IDP

  • Give a name to your policy and save.
  • Check the user attributes Given Name, Surname, email in the User attributes and token claims section given below.
    • Azure B2C as IDP

  • Click on Create.
  • Go to Application registrations >> Overview.
  • Copy the Application (client) ID. We will require this later.
    • Azure B2C as IDP

  • Go to Application registrations >> Endpoints.
  • Replace the “policy-name” in the endpoints urls with your user flows (policy name).
  • Copy these endpoints and paste them into miniOrange while configuring Azure B2C as OAuth 2.0 Provider given in the next step.
    • Azure B2C as IDP

2. Configure Azure B2C as OAuth 2.0 Provider in miniOrange.

  • Go to miniOrange Admin Console.
  • From the left navigation bar select Identity Provider. Select Oauth.
    • Azure b2c as IDP: Azure B2C sso

    Azure b2c as IDP: Azure B2C sso

  • Enter the following values.
    • IdP Name Custom Provider
    IdP Display Name Choose appropriate Name
    OAuth Authorize Endpoint From here
    OAuth Access Token Endpoint From here
    Client ID From step 1
    Client secret From step 1
    Scope auto
  • Click Save
  • Navigate back to View Identity Providers page.
  • Click on select against the configured IDP and select Make Default.
    • BigCommerce - Select Make Default


3. Configure BigCommerce in miniOrange

3.1. Create BigCommerce API

  • Log in to BigCommerce Admin Panel.
  • Go to the Settings from the menu, scroll down and select API Accounts.
    • BigCommerce Single Sign-On (SSO): API account

  • Click on Create API Account and choose Create V2/V3 API Token option from the menu shown.
  • Add a suitable name for your API account.
  • API Path will be used as the store_hash value when we configure BigCommerce in miniOrange which will require in step2.
    • BigCommerce Single Sign-On (SSO): API Path

  • Enable the Customers option as Modify and Customers Login option as login. Keep rest of the settings as it is.
  • Click on Save.
    • BigCommerce Single Sign-On (SSO): API Configuration

  • Download the API credentials file. It contains the API token, Client ID and Client Secret.
    • BigCommerce Single Sign-On (SSO): API Credential Download

3.2. Configure BigCommerce in miniOrange

  • Login into miniOrange Admin Console.
  • Go to Apps Click on Add Application button.
    • BigCommerce Single Sign-On (SSO) add app

  • In Choose Application Type click on Create App button in JWT application type.
    • BigCommerce Single Sign-On (SSO) choose JWT as app type

  • In the next step, search for BigCommerce application from the list and click on it.
    • BigCommerce Single Sign-On (SSO): Select BigCommerce Application

  • Enter the following values in the respective fields.
    1. Custom Application Name [Required] : BigCommerce (According to your choice)
    2. Description : According to your choice
    3. Redirect-URL [Required] : Storefront URL, e.g. https://{{my-store}}.mybigcommerce.com/login/token/
    4. Logout-URL : https://{{my-store}}.mybigcommerce.com
    5. Force Authentication : Enable if you want user to authenticate even if the user has a session
    6. Primary IDP : The identity source against which user will be authenticated
    7. User Mapping : Enable if you are sending the logged-in user from this app in the response
    BigCommerce Single Sign-On (SSO): add jwt app

    1. Group Name : Default
    2. Policy Name : Add policy name according to your Preference
    3. Login Method : Password
    BigCommerce Single Sign-On (SSO): add jwt app

  • Click on Save.
  • For Attribute Mapping, navigate to Select >> Edit next to your configured application.
    • BigCommerce Single Sign-On (SSO): add jwt app

  • Enter the Client Id, App Secret and Access Token (which we have downloaded from step 1 during API creation in BigCommerce Console).
  • For Signature Algorithm, select HS-256 from the dropdown menu.
  • Set Subject to E-Mail Address.
    • BigCommerce Single Sign-On (SSO): configure Client ID and Client Secret

  • You need to map the following attributes coming in from the idp by choosing the external IDP option.
    • Attribute Mapping

  • Click on Save.
  • Now, You can access BigCommerce Account Using IDP credentials through the Single-sign-on URL as shown in image above.

External References

Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products

Single Sign-On

Seamless login for workforce and customer identity to cloud or on-premise apps

Learn more

Multi-factor Authentication

Secure access for identities with an additional layer of authentication

Learn more

Adaptive Authentication

Block or grant user access based on IP, Device, Time & Location

Learn more

Lifecycle Management

Manage & automate user provisioning and deprovisioning to apps

Learn More