• Home
• App Integrations
• BigCommerce Passwordless login

miniOrange offers a Passwordless Login solution for BigCommerce Store, providing a secure & convenient authentication method. This feature eliminates the need for users to enter passwords, enhancing security and simplifying the login process for a seamless and user-friendly experience within the BigCommerce platform.

BigCommerce Passwordless feature offers following benefits:

• Streamlines access, saving time for users, and potentially increasing conversion rates due to faster logins.
• Flexibility with customizable settings to align with specific store requirements and branding.
• Improves user experience by eliminating the need to remember or reset passwords, creating a positive interaction within the BigCommerce store.

Verified Technology Partner of BigCommerce

Checkout Pricing for miniOrange BigCommerce Passwordless Login

Prerequisites

• Create an account (OR) Login into miniOrange Admin Console.
• Click on Customization in the left menu of the dashboard.
• After that, click on the Login and Registration Branding option.
• In Basic Settings, set your company domain in Organization Name textfield.
• Click Save. Once that is set, the branded login URL would be of the format: https://<company_domain>.xecurify.com/moas/login

Follow the step-by-step guide given below for BigCommerce Passwordless Login

1. Create BigCommerce API

• Log in to BigCommerce Admin Panel.
• Go to Settings >> API >> Store-level API Accounts.



• Click Create API Account and choose the token type as V2/V3 API Token.
• Add a suitable name for your API account.

  Note: In BigCommerce, the API Path is the base URL that your application or integration uses to connect to your store’s data through BigCommerce APIs. The Store Hash is a unique identifier automatically generated by BigCommerce for each store. It appears in the API Path.

• Copy the highlighted Store Hash from the API Path.



• This Store Hash will be required while configuring BigCommerce in miniOrange.
• Enable the Customers option as Modify and Customers Login option as login. Keep rest of the settings as it is.
• Click on Save.
• Download the API credentials file. It contains the API token, Client ID and Client Secret.

2. Configure BigCommerce in miniOrange

• Login into miniOrange Admin Console.
• Go to Apps click on Add Application button.



• In the Choose Application section, open the dropdown list of All Apps and select JWT.



• In the next step, search for BigCommerce application from the list and click on it.



• Enter the following values in the respective fields.



• Enter the Client ID, Client secret and Access token which we have downloaded from step 1 during API creation in BigCommerce Console.

  Display Name [Required]	BigCommerce (According to your choice)
  Redirect-URL [Required]	Storefront URL/login/token/
  Client ID	Copy from the downloaded file in Step 1
  Client Secret	Copy from the downloaded file in Step 1
  Access Token	Copy from the downloaded file in Step 1
  Description	According to your choice

Note: Your Redirect URL should be: <Storefront URL>/login/token/
For Example: https://xyz.bigcommerce.com/login/token/


To find your Storefront URL: Go to Channels >> Storefronts. Copy the URL listed for your store.






• Now click on Next and go to Advanced tab.




Subject	E-Mail Address.
Signature Algorithm	HS256
Logout URL	Copy the storefront URL as mentioned above and append /login.php?action=logout

• Click Next to go to the Login Options tab.




Primary Identity Provider	The identity source against which user will be authenticated
Force Authentication	Enable if you want user to authenticate even if the user has a session
Enable User Mapping	Enable if you are sending the logged-in user from this app in the response

• Click on the Next.
• To perform Attribute Mapping and add new attributes, navigate to the Attributes tab and click on the Add Attribute.
• The first three attributes will be hard-coded values

  Attribute Name	Attribute Type	Attribute Value
  store_hash	Custom Attribute Value	Refer to Step 1 above.
  redirect_to	Custom Attribute Value	Endpoint where you wish to redirect the user to after sso. [Homepage or account page e.g. /account.php]
  operation	Custom Profile Attribute	customer_login
  first_name	External Idp Attribute	first_name
  last_name	External Idp Attribute	last_name
  email	External Idp Attribute	email




• Click on the Next button.
• Navigate to Policies tab.
• Click on Assign Group button.



• On the Assign Group section.
• Choose the DEFAULT group.
• Click on the Next button.



• Assign the policies to the group. Here, you can choose the primary authentication method for users. From the dropdown under First Factor, select Password.



• Click on Save.
• Go to Endpoints tab.



• You can access BigCommerce Account Using IDP credentials through the Single-sign-on URL as shown in image below.

3. Syncing Address, Form, and Custom Attribute Fields to BigCommerce (Optional)

To synchronize address, custom attributes, and form fields from the Identity Provider (IDP) to BigCommerce, the following details must be configured:

Address Fields

To successfully sync customer address information, the following attributes are required:

• first_name
• last_name
• address1
• city
• country_code

• miniOrange as IDP
• ExternaI Identity Provider

In the below diagram, we are using miniOrange as the IDP.

• Before syncing these fields to BigCommerce, you must first create the corresponding attributes in the miniOrange user profile. These attributes will then be mapped and synced to BigCommerce.



• Then we need to configure the attribute mapping in the application.

  Attribute Name	Attribute Type	Value
  addresses.first_name	First Name	-
  addresses.last_name	Last Name	-
  addresses.address1	Custom Profile Attribute	address1
  addresses.city	Custom Profile Attribute	city
  addresses.state_or_province	Custom Profile Attribute	state/province
  addresses.country_code	Custom Profile Attribute	country
  addresses.postal_code	Custom Profile Attribute	postal_code





Note: When sending the country value, always use the country code (e.g., US, IN). If you pass the full country name such as “United States”, the value will not be updated — only country codes are supported for correct mapping.

While syncing address fields, ensure that the city, state, and country values you provide are valid options supported by BigCommerce and exist in their respective dropdown lists.



• Now, after completing SSO, go to your BigCommerce dashboard. From the sidebar, click on Customers.
• You will see the list of all customers. Search for the specific user and click on their name.
• Next, open the Customer Address Book section — this is where you will be able to view the customer’s address details.

For the Sign up form fields:

• In BigCommerce, the following form fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.



• Then we need to configure the attribute mapping in the application.

  Attribute Name	Attribute Type	Value
  addresses.first_name	First Name	-
  addresses.last_name	Last Name	-
  addresses.address1	Custom Profile Attribute	address1
  addresses.city	Custom Profile Attribute	city
  addresses.state_or_province	Custom Profile Attribute	state/province
  addresses.country_code	Custom Profile Attribute	country
  addresses.postal_code	Custom Profile Attribute	postal_code
  form_fields.name.0	Custom Attribute Value	Law School
  form_fields.value.0	Custom Attribute Value	XYZ
  form_fields.name.1	Custom Attribute Value	Bar Exam State
  form_fields.value.1	Custom Attribute Value	Arizona
  form_fields.name.2	Custom Attribute Value	Bar Exam Date
  form_fields.value.2	Custom Attribute Value	31-12-2025
  form_fields.name.3	Custom Attribute Value	Estimated Graduation Month
  form_fields.value.3	Custom Attribute Value	January
  form_fields.name.4	Custom Attribute Value	Estimated Graduation Year
  form_fields.value.4	Custom Attribute Value	2025




• After completing SSO, go to your BigCommerce dashboard.
• From the left sidebar, click on Customers.
• You will now see the list of all customers.
• Search for the specific user and click on their name.
• The customer profile will open — scroll down to the Customer Details section.
• Here, you will see the signup form fields, where you can view all the customer-submitted form-field details.

For the Attribute Fields

• In BigCommerce, the following attribute fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.



• Then we need to configure the attribute mapping in the application.

  Attribute Name	Attribute Type	Value
  color	Custom Profile Attribute	blue
  customer_address	Custom Profile Attribute	MG road
  customer_mobile	Custom Profile Attribute	+911234567890
  DOB	Custom Profile Attribute	2002-01-01
  attribute_string 01	Custom Profile Attribute	testing




• After completing SSO, go to your BigCommerce dashboard.
• From the left sidebar, click on Customers.
• You will now see the list of all customers.
• Search for the specific user and click on their name.
• The customer profile will open — scroll down to the Customer Details section.
• Here, you will see the attribute fields, where you can view all the customer-submitted form-field details.

NOTE: Update customer profile during sso

• Go to the BigCommerce application you have configured in miniOrange.
• Open the Advanced tab.
• Scroll to the bottom of the page.
• Enable the checkbox Update Customer Profile During SSO.

For ExternaI Identity Provider

• Before syncing these fields to BigCommerce, you must first create the corresponding attributes in your external IDP. These attributes will then be mapped and synced to BigCommerce.
• Then we need to configure the attribute mapping in the application.
• For Address field:

  Attribute Name	Attribute Type	Value
  addresses.first_name	External Idp Attribute	first_name
  addresses.last_name	External Idp Attribute	last_name
  addresses.address1	External Idp Attribute	street1
  addresses.city	External Idp Attribute	city
  addresses.state_or_province	External Idp Attribute	state
  addresses.country_code	External Idp Attribute	country
  addresses.postal_code	External Idp Attribute	zipcode





Note: When sending the country value, always use the country code (e.g., US, IN). If you pass the full country name such as “United States”, the value will not be updated — only country codes are supported for correct mapping.

While syncing address fields, ensure that the city, state, and country values you provide are valid options supported by BigCommerce and exist in their respective dropdown lists.



• Now, after completing SSO, go to your BigCommerce dashboard. From the sidebar, click on Customers.
• You will see the list of all customers. Search for the specific user and click on their name.
• Next, open the Customer Address Book section — this is where you will be able to view the customer’s address details.




For the Sign up form fields:

• In BigCommerce, the following form fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.




Attribute Name	Attribute Type	Value
form_fields.name.0	Custom Attribute Value	Law School
form_fields.value.0	External Idp Attribute	law_school
form_fields.name.1	Custom Attribute Value	Bar Exam State
form_fields.value.1	External Idp Attribute	bar_exam_state
form_fields.name.2	Custom Attribute Value	Bar Exam Date
form_fields.value.2	External Idp Attribute	bar_exam_date
form_fields.name.3	Custom Attribute Value	Estimated Graduation Month
form_fields.value.3	External Idp Attribute	month
form_fields.name.4	Custom Attribute Value	Estimated Graduation Year
form_fields.value.4	External Idp Attribute	year




• After completing SSO, go to your BigCommerce dashboard.
• From the left sidebar, click on Customers.
• You will now see the list of all customers.
• Search for the specific user and click on their name.
• The customer profile will open — scroll down to the Customer Details section.
• Here, you will see the signup form fields, where you can view all the customer-submitted form-field details.




For Custom Attribute Fields

• In BigCommerce, the following attribute fields are available. We need to configure the corresponding attribute mappings in the application to ensure these fields are correctly synced to BigCommerce.



• Then we need to configure the attribute mapping in the application.

  Attribute Name	Attribute Type	Value
  color	External Idp Attribute	color
  customer_address	External Idp Attribute	address
  customer_mobile	External Idp Attribute	mobile_number
  DOB	External Idp Attribute	birth_date
  attribute_string 01	External Idp Attribute	string




• After completing SSO, go to your BigCommerce dashboard.
• From the left sidebar, click on Customers.
• You will now see the list of all customers.
• Search for the specific user and click on their name.
• The customer profile will open — scroll down to the Customer Details section.
• Here, you will see the attribute fields, where you can view all the customer-submitted form-field details.




NOTE: Update customer profile during sso

• Go to the BigCommerce application you have configured in miniOrange.
• Open the Advanced tab.
• Scroll to the bottom of the page.
• Enable the checkbox Update Customer Profile During SSO.

4. Configure Your User Directory

There are two ways to add users in miniOrange:

• 1. Create User in miniOrange
• 2. Bulk Upload Users

5. Create Policy for Passwordless Login

• Go to Policies and click on App Login Policy.



• You will see a list of policies along with your default BigCommerce app policy here.
• Click on the Edit in Action against the BigCommerce policy.



• In the First Factor dropdown, select the Password-less option.
• Select the Enable Two-Factor Authentication (2FA) option.



• Click on Submit.

6. Test SSO Configuration

• Navigate to the Apps section.
• Locate and select your specific application.
• In the Action column for your application, click on the (⋮) to open the action menu.
• From the menu that appears, click on the Edit option.
• Within the application's configuration page, go to the Endpoints tab.
• You will find the SSO URL to authenticate from miniOrange.



• Copy the SSO URL and open it in an incognito/private window. You’ll be redirected to your IDP for login, and after logging in successfully, you’ll be taken back to your store as a logged-in user.

7. Configure Passwordless Login and Single Logout (SLO) in BigCommerce

• SSO
• SLO

• Download the script to initiate Single Sign-On in BigCommerce.
• Navigate to Storefront >> Script Manager.
• Click on create a script and add the script file which you have downloaded earlier in the Header of the page.



• Enable settings as given in the image below:



• A text box will be opened where you can add the downloaded script.



• Replace the above pointed url by your BigCommerce SSO url.
• BigCommerce Passwordless Login can be found at your BigCommerce app configuration in miniOrange which is given below.

• Download the script to initiate Single Logout in BigCommerce.
• Navigate to Storefront >> Script Manager.
• Click on create a script and add the script file which you have downloaded earlier in the footer of the page.



• Enable settings as given in the image below:



• A text box will be opened where you can add the downloaded script.



• Replace the above pointed url by below BigCommerce SLO url:
  {{mO organizational url}}/idp/oidc/logout?post_logout_redirect_uri={{your bigcommerce store url}}/login.php?action=logout
• Here, replace the {{mO organizational url}} with the highlighted URL below, found at your SSO url in your app configuration.



• Replace the {{bigcommerce store url}} with your bigcommerce store url.

External References

• Know more about Single-Sign On (SSO)
• What is Customer Identity and Access Management (CIAM)?
• Read more about "What is JWT" & how does it work?
• Connect easily with any external identity source like Microsoft Entra ID, Auth0, etc.
• Setup SSO for multiple BigCommerce storefronts

Frequently Asked Questions