SSO Login Using BigCommerce IDP

---

SSO Login Using BigCommerce IDP is a process where users can login to their external application with BigCommerce website credentials. It allows users to access various applications and external websites with a Single Sign-On (SSO).
Users will authenticate themselves via their BigCommerce credentials and once they successfully integrate with BigCommerce IDP they can access all the external applications.

Prerequisites

• Log into miniOrange Admin Console.
• Click on Customization in the left menu of the dashboard.
• In Basic Settings, set your company domain in Organization Name textfield.
• Click Save. Once that is set, the branded login URL would be of the format https://<company_domain>.xecurify.com/moas/login

Follow the Step-by-Step Guide given below to setup SSO login using BigCommerce IDP

1. Setup BigCommerce as an IDP in miniOrange

• Login with your miniOrange account.
• Navigate to User Stores and click on the Add User Store button.



• Switch to the API tab and select BigCommerce as API Type from the dropdown.



• Provide an API identifier name.
• Refer this step to get the Store Hash, Client ID and Client Token.
• Click on the Save button.
• To test the connection, select the user store you just added and click on Test Authorization API.



• Enter your BigCommerce credentials when prompted and you should be able to see a Success message.

2. Configure BigCommerce in miniOrange

• Login into miniOrange Admin Console.
• Go to Apps Click on Add Application button.



• In Choose Application Type click on Create App button in JWT application type.



• In the next step, search for BigCommerce application from the list and click on it.



• Enter the following values in the respective fields.
1. Custom Application Name [Required] : BigCommerce (According to your choice)
2. Description : According to your choice
3. Redirect-URL [Required] : Storefront URL, e.g. https://{{my-store}}.mybigcommerce.com/login/token/
4. Logout-URL : https://{{my-store}}.mybigcommerce.com
5. Force Authentication : Enable if you want user to authenticate even if the user has a session
6. Primary IDP : The identity source against which user will be authenticated
7. User Mapping : Enable if you are sending the logged-in user from this app in the response



1. Group Name : Default
2. Policy Name : Add policy name according to your Preference
3. Login Method : Password



• Click on Save.
• For Attribute Mapping, navigate to Select >> Edit next to your configured applicaition.



• For miniOrange as an IDP:
  • Enter the Client Id, App Secret and Access Token (which we have downloaded from step 1 during API creation in BigCommerce Console).
  • For Signature Algorithm, select HS-256 from the dropdown menu.
  • Set Subject to E-Mail Address.
  
  
  
  • To map the attributes between the miniOrange IDP and BigCommerce application, click on Attributes + button.
  • The first three attributes will be hard-coded values.

  Attribute Name	Attribute Value
  store_hash	You got in this step.
  redirect_to	Endpoint where you wish to redirect the user to after sso. [Homepage or account page e.g. /account.php]
  operation	customer_login

  
  
  
  
  • Click on Save.
  • Now, You can access BigCommerce Account Using IDP credentials through the Single-sign-on URL as shown in image above.

Additional Resources

• What is Identity Brokering?
• What is Customer Identity and Access Management (CIAM)?
• Know about Social Login Solution
• Read more about "What is JWT" & how does it work?

If you are looking for anything which you cannot find, please drop us an email on idpsupport@xecurify.com.