BigCommerce Passwordless Login
miniOrange offers a Passwordless Login solution for BigCommerce Store, providing a secure & convenient authentication method. This feature eliminates the need for users to enter passwords, enhancing security and simplifying the login process for a seamless and user-friendly experience within the BigCommerce platform.
BigCommerce Passwordless feature offers following benefits:
- Streamlines access, saving time for users, and potentially increasing conversion rates due to faster logins.
- Flexibility with customizable settings to align with specific store requirements and branding.
- Improves user experience by eliminating the need to remember or reset passwords, creating a positive interaction within the BigCommerce store.
Verified Technology Partner of BigCommerce
Checkout Pricing for miniOrange BigCommerce Passwordless Login
Get Free Installation Help
miniOrange offers free help through a consultation call with our System Engineers to Install or Setup BigCommerce SSO solution in your environment with 30-day free trial.
For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you in no time.
Checkout Pricing
Prerequisites
- Create an account (OR) Login into miniOrange Admin Console.
- Click on Customization in the left menu of the dashboard.
- After that, click on the Login and Registration Branding option.
- In Basic Settings, set your company domain in Organization Name textfield.
- Click Save. Once that is set, the branded login URL would be of the format: https://<company_domain>.xecurify.com/moas/login
Follow the step-by-step guide given below for BigCommerce Passwordless Login
1. Create BigCommerce API
2. Configure BigCommerce in miniOrange
- Login into miniOrange Admin Console.
- Go to Apps click on Add Application button.
- In the Choose Application section, open the dropdown list of All Apps and select JWT.
- In the next step, search for BigCommerce application from the list and click on it.
- Enter the following values in the respective fields.
- Enter the Client ID, Client secret and Access token which we have downloaded from step 1 during API creation in BigCommerce Console.
| Display Name [Required] |
BigCommerce (According to your choice) |
| Redirect-URL [Required] |
Storefront URL/login/token/ |
| Client ID |
Copy from the downloaded file in Step 1 |
| Client Secret |
Copy from the downloaded file in Step 1 |
| Access Token |
Copy from the downloaded file in Step 1 |
| Description |
According to your choice |
- For Redirect URL-
- Go to the Channels tab in the left-hand menu.
- Find your store listed under Storefronts. In front of the store name, you will see the full Storefront URL.
- Copy the entire Storefront URL.
- Paste the copied URL and append the login path, /login/token/, to the end.
- Now click on Next and go to Advanced tab.
| Subject |
E-Mail Address. |
| Signature Algorithm |
HS256 |
| Logout URL |
Copy the storefront URL as mentioned above and append /login.php?action=logout
e.g., https://{{my-store}}.mybigcommerce.com/login.php?action=logout |
- Click Next to go to the Login Options tab.
| Primary Identity Provider |
The identity source against which user will be authenticated |
| Force Authentication |
Enable if you want user to authenticate even if the user has a session |
| Enable User Mapping |
Enable if you are sending the logged-in user from this app in the response |
- Click on the Next.
- To perform Attribute Mapping and add new attributes, navigate to the Attributes tab and click on the Add Attribute.
- The first three attributes will be hard-coded values
| Attribute Name | Attribute Type | Attribute Value |
|---|
| store_hash | Custom Attribute Value | Refer to Step 1 above. |
| redirect_to | Custom Attribute Value | Endpoint where you wish to redirect the user to after sso.
[Homepage or account page e.g. /account.php] |
| operation | Custom Profile Attribute | customer_login |
| first_name | External Idp Attribute | first_name |
| last_name | External Idp Attribute | last_name |
| email | External Idp Attribute | email |
- Click on the Next button.
- Navigate to Policies tab.
- Click on Assign Group button.
- On the Assign Group section.
- Choose the DEFAULT group.
- Click on the Next button.
- Assign the policies to the group. Here, you can choose the primary authentication method for users. From the dropdown under First Factor, select Password.
- Click on Save.
- Go to Endpoints tab.
- You can access BigCommerce Account Using IDP credentials through the Single-sign-on URL as shown in image below.
3. Syncing Address, Form, and Custom Attribute Fields to BigCommerce (Optional)
To synchronize address, custom attributes, and form fields from the Identity Provider (IDP) to BigCommerce, the following details must be configured:
Address Fields
To successfully sync customer address information, the following attributes are required:
- first_name
- last_name
- address1
- city
- country_code
In the below diagram, we are using miniOrange as the IDP.
- Before syncing these fields to BigCommerce, you must first create the corresponding attributes in the miniOrange user profile. These attributes will then be mapped and synced to BigCommerce.
- Then we need to configure the attribute mapping in the application.
| Attribute Name | Attribute Type | Value |
|---|
| addresses.first_name | First Name | - |
| addresses.last_name | Last Name | - |
| addresses.address1 | Custom Profile Attribute | address1 |
| addresses.city | Custom Profile Attribute | city |
| addresses.state_or_province | Custom Profile Attribute | state/province |
| addresses.country_code | Custom Profile Attribute | country |
| addresses.postal_code | Custom Profile Attribute | postal_code |
Note: When sending the country value, always use the country code (e.g., US, IN). If you pass the full country name such as “United States”, the value will not be updated — only country codes are supported for correct mapping.
While syncing address fields, ensure that the city, state, and country values you provide are valid options supported by BigCommerce and exist in their respective dropdown lists.
- Now, after completing SSO, go to your BigCommerce dashboard. From the sidebar, click on Customers.
- You will see the list of all customers. Search for the specific user and click on their name.
- Next, open the Customer Address Book section — this is where you will be able to view the customer’s address details.
For the Sign up form fields:
- In BigCommerce, the following form fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.
- Then we need to configure the attribute mapping in the application.
| Attribute Name | Attribute Type | Value |
|---|
| addresses.first_name | First Name | - |
| addresses.last_name | Last Name | - |
| addresses.address1 | Custom Profile Attribute | address1 |
| addresses.city | Custom Profile Attribute | city |
| addresses.state_or_province | Custom Profile Attribute | state/province |
| addresses.country_code | Custom Profile Attribute | country |
| addresses.postal_code | Custom Profile Attribute | postal_code |
| form_fields.name.0 | Custom Attribute Value | Law School |
| form_fields.value.0 | Custom Attribute Value | XYZ |
| form_fields.name.1 | Custom Attribute Value | Bar Exam State |
| form_fields.value.1 | Custom Attribute Value | Arizona |
| form_fields.name.2 | Custom Attribute Value | Bar Exam Date |
| form_fields.value.2 | Custom Attribute Value | 31-12-2025 |
| form_fields.name.3 | Custom Attribute Value | Estimated Graduation Month |
| form_fields.value.3 | Custom Attribute Value | January |
| form_fields.name.4 | Custom Attribute Value | Estimated Graduation Year |
| form_fields.value.4 | Custom Attribute Value | 2025 |
- After completing SSO, go to your BigCommerce dashboard.
- From the left sidebar, click on Customers.
- You will now see the list of all customers.
- Search for the specific user and click on their name.
- The customer profile will open — scroll down to the Customer Details section.
- Here, you will see the signup form fields, where you can view all the customer-submitted form-field details.
For the Attribute Fields
- In BigCommerce, the following attribute fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.
- Then we need to configure the attribute mapping in the application.
| Attribute Name | Attribute Type | Value |
|---|
| color | Custom Profile Attribute | blue |
| customer_address | Custom Profile Attribute | MG road |
| customer_mobile | Custom Profile Attribute | +911234567890 |
| DOB | Custom Profile Attribute | 2002-01-01 |
| attribute_string 01 | Custom Profile Attribute | testing |
- After completing SSO, go to your BigCommerce dashboard.
- From the left sidebar, click on Customers.
- You will now see the list of all customers.
- Search for the specific user and click on their name.
- The customer profile will open — scroll down to the Customer Details section.
- Here, you will see the attribute fields, where you can view all the customer-submitted form-field details.
NOTE: Update customer profile during sso
- Go to the BigCommerce application you have configured in miniOrange.
- Open the Advanced tab.
- Scroll to the bottom of the page.
- Enable the checkbox Update Customer Profile During SSO.
For ExternaI Identity Provider
- Before syncing these fields to BigCommerce, you must first create the corresponding attributes in your external IDP. These attributes will then be mapped and synced to BigCommerce.
- Then we need to configure the attribute mapping in the application.
- For Address field:
| Attribute Name | Attribute Type | Value |
|---|
| addresses.first_name | External Idp Attribute | first_name |
| addresses.last_name | External Idp Attribute | last_name |
| addresses.address1 | External Idp Attribute | address1 |
| addresses.city | External Idp Attribute | city |
| addresses.state_or_province | External Idp Attribute | state/province |
| addresses.country_code | External Idp Attribute | country |
| addresses.postal_code | External Idp Attribute | postal_code |
Note: When sending the country value, always use the country code (e.g., US, IN). If you pass the full country name such as “United States”, the value will not be updated — only country codes are supported for correct mapping.
While syncing address fields, ensure that the city, state, and country values you provide are valid options supported by BigCommerce and exist in their respective dropdown lists.
- Now, after completing SSO, go to your BigCommerce dashboard. From the sidebar, click on Customers.
- You will see the list of all customers. Search for the specific user and click on their name.
- Next, open the Customer Address Book section — this is where you will be able to view the customer’s address details.
For the Sign up form fields:
- In BigCommerce, the following form fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.
| Attribute Name | Attribute Type | Value |
|---|
| form_fields.name.0 | Custom Attribute Value | Law School |
| form_fields.value.0 | External Idp Attribute | XYZ |
| form_fields.name.1 | Custom Attribute Value | Bar Exam State |
| form_fields.value.1 | External Idp Attribute | Arizona |
| form_fields.name.2 | Custom Attribute Value | Bar Exam Date |
| form_fields.value.2 | External Idp Attribute | 31-12-2025 |
| form_fields.name.3 | Custom Attribute Value | Estimated Graduation Month |
| form_fields.value.3 | External Idp Attribute | January |
| form_fields.name.4 | Custom Attribute Value | Estimated Graduation Year |
| form_fields.value.4 | External Idp Attribute | 2025 |
- After completing SSO, go to your BigCommerce dashboard.
- From the left sidebar, click on Customers.
- You will now see the list of all customers.
- Search for the specific user and click on their name.
- The customer profile will open — scroll down to the Customer Details section.
- Here, you will see the signup form fields, where you can view all the customer-submitted form-field details.
For Custom Attribute Fields
- In BigCommerce, the following attribute fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.
- Then we need to configure the attribute mapping in the application.
| Attribute Name | Attribute Type | Value |
|---|
| color | External Idp Attribute | blue |
| customer_address | External Idp Attribute | MG road |
| customer_mobile | External Idp Attribute | +911234567890 |
| DOB | External Idp Attribute | 2002-01-01 |
| attribute_string 01 | External Idp Attribute | testing |
- After completing SSO, go to your BigCommerce dashboard.
- From the left sidebar, click on Customers.
- You will now see the list of all customers.
- Search for the specific user and click on their name.
- The customer profile will open — scroll down to the Customer Details section.
- Here, you will see the attribute fields, where you can view all the customer-submitted form-field details.
NOTE: Update customer profile during sso
- Go to the BigCommerce application you have configured in miniOrange.
- Open the Advanced tab.
- Scroll to the bottom of the page.
- Enable the checkbox Update Customer Profile During SSO.
4. Configure Your User Directory
There are two ways to add users in miniOrange:
5. Create Policy for Passwordless Login
- Go to Policies and click on App Login Policy.
- You will see a list of policies along with your default BigCommerce app policy here.
- Click on the Edit in Action against the BigCommerce policy.
- In the First Factor dropdown, select the Password-less option.
- Select the Enable Two-Factor Authentication (2FA) option.
- Click on Submit.
6. Test SSO Configuration
- Navigate to the Apps section.
- Locate and select your specific application.
- In the Action column for your application, click on the (⋮) to open the action menu.
- From the menu that appears, click on the Edit option.
- Within the application's configuration page, go to the Endpoints tab.
- You will find the SSO URL to authenticate from miniOrange.
- Copy the SSO URL and open it in an incognito/private window. You’ll be redirected to your IDP for login, and after logging in successfully, you’ll be taken back to your store as a logged-in user.
7. Configure Passwordless Login and Single Logout (SLO) in BigCommerce
- Download the script to initiate Single Sign-On in BigCommerce.
- Navigate to Storefront >> Script Manager.
- Click on create a script and add the script file which you have downloaded earlier in the footer of the page.
- Enable settings as given in the image below:
- A text box will be opened where you can add the downloaded script.
- Replace the above pointed url by your BigCommerce SSO url.
- BigCommerce Passwordless Login can be found at your BigCommerce app configuration in miniOrange which is given below.
- Download the script to initiate Single Logout in BigCommerce.
- Navigate to Storefront >> Script Manager.
- Click on create a script and add the script file which you have downloaded earlier in the footer of the page.
- Enable settings as given in the image below:
- A text box will be opened where you can add the downloaded script.
- Replace the above pointed url by below BigCommerce SLO url:
{{mO organizational url}}/idp/oidc/logout?post_logout_redirect_uri={{your bigcommerce store url}}/login.php?action=logout
- Here, replace the {{mO organizational url}} with the highlighted URL below, found at your SSO url in your app configuration.
- Replace the {{bigcommerce store url}} with your bigcommerce store url.
External References
Frequently Asked Questions
What is the most commonly used passwordless login method by organizations?
One of the most common passwordless login methods used by organizations is One-Time Password (OTP) over SMS or phone. This method allows users to skip entering login credentials traditionally and directly access the apps with a one-time password sent to their phone or email.
Can I log into BigCommerce using Azure / Okta / Office 365 credentials?
Yes, we support SSO into BigCommerce using Microsoft Entra ID , Okta and Office 365 credentials.
Are the users automatically synced into BigCommerce during SSO or should the user exist on BigCommerce as well?
If the user does not exist in your BigCommerce store, our SSO solution will automatically create the user on BigCommerce and perform a seamless login.
Do you support social login for BigCommerce?
Yes, we support social login providers such as google, facebook, twitter and many more. You can set up your Social login app by following this guide:BigCommerce Social Login.
