I’m currently building a marketplace & the e-commerce third party I’m using is Shopify. This is purely for an MVP purpose, & I know I don’t want to keep this solution forever. Here comes Auth0. I would love to use Auth0 right now for the user management, login, signups etc.
The thing is, Shopify needs customers to be created on its side as well in order to link it to orders. Do you know how to achieve this? Should I do it manually? Or do you have a way to connect to Shopify to replace their authentication/customer feature?
(I don’t have Shopify Plus btw, so I can’t use their “multipass” feature).
Welcome to the Auth0 Community.
There maybe a couple of options for you.
If it was easier for you to use Shopify as your IdP (your user base is there but you can login to your Auth0 apps with those accounts) you could use our integration https://marketplace.auth0.com/integrations/shopify-social-connection also see here https://community.auth0.com/t/create-shopify-connections-for-customers/91149
More specifically to your scenario, you may prefer to keep Auth0 as your IdP in which case once a user is created/signed up in Auth0, you can configure a Post User Registration Action where you let Shopify know a user has been created/signed up and send the user_id across as a link and have Shopify create the user at their end with the Auth0 Id sent for mapping/linking purposes, Shopify can then use that account for orders etc.
Would any of these options work for you?
Indeed, I would like to have Auth0 being my main IdP. However I wonder how it would work with the Shopify API:
The customers on Shopify are associated to orders for example, and the way to retrieve the orders for shopify is to query a customer, then their order on the GraphQL API.
As you can see, the parameter here is based on the customer token we retrieve from the authentication. So how would it work if we had Auth0 taking care of the authentication instead of shopify?
It looks like there are various ways to create a customer and view orders e.g. the Admin API https://shopify.dev/api/admin-rest/2023-01/resources/customer#post-customers using a Shopify Access Token which you may be able to get without user (customer) credentials https://shopify.dev/api/admin-graphql/2023-01/queries/orders via your application.
There also appears to be support for OAuth 2.0 flow to enable you to get access tokens https://shopify.dev/apps/auth/oauth, there’s an example here that uses client credentials https://shopify.dev/apps/auth/oauth/getting-started which might be a good fit for you to query their API.