I want my customers to be able to login to my Shopify store via my existing website account system.
This means that if they've already entered their address on my website, they don't need to enter it again in Shopify. (And if I can also track my users' shopping behaviour that would be a bonus.)
I found this related discussion on the Shopify forums (about Facebook login), but with no clear answer:
https://ecommerce.shopify.com/c/shopify-apis-and-technology/t/login-with-facebook-114126
Is it possible to use oAuth (or some other method) to enable this kind of functionality in Shopify?
The official Shopify method to login to your store from your third-party website is to use Multipass, however this requires a Shopify Plus account (starting at $995/month).
Shopify does provide some support for oAuth, however it appears to be mainly used for shop-owners adding third-party apps into their stores, not for creating customer accounts.
There are various apps available for social login functionality. While these won't exactly provide the functionality you need, they must have a found a way of creating new user accounts, so perhaps they can hint at a possible solution for this.
See https://apps.shopify.com/search/query?utf8=%E2%9C%93&q=log+in
Related
I am currently looking into the W3C Payment Request API as part of a project for a new e-commerce checkout flow (mostly for supporting faster check-out using Apple Pay and Google Pay).
From looking at the API specification's change history, it looks like this change instituted earlier this year removes support for requesting the buyer's address with a payment request. The documentation of our payment service provider still shows this option, and it seems to work for now. That being said, I don't want to rely on a feature that browsers might start dropping soon because it's no longer in the standard, breaking our checkout flow.
Does anyone know if there is a recommended new way to handle this via the API, or if it is advisable to move the collection of the buyer's billing and shipping addresses back to a form on our page even when using the payment request API?
As far as the Payment Request API is concerned, I think there three primary options:
Apple Pay
Google Pay
basic-card
As you may have seen, basic-card is being deprecated (https://blog.chromium.org/2021/10/sunsetting-basic-card-payment-method-in.html) so you probably want to avoid this option.
Both Apple Pay and Google Pay provide access to billing and shipping address, and can be accessed as payment methods in the Payment Request API, and both provide their own alternate APIs (Apple Pay JS API and Google Pay Online API).
I don't know about Apple Pay, but the advice for Google Pay is to use Google Pay Online API (which makes use of the Payment Request API when available). Google Pay provides a consistent API for browsers that do and don't support the Payment Request API.
Does anyone know if there is a recommended new way to handle this via the API, or if it is advisable to move the collection of the buyer's billing and shipping addresses back to a form on our page even when using the payment request API?
The guidance for Google Pay is to place the Google Pay button above manual entry fields and to collect shipping information from Google Pay so that users can users don't start filling in the form before realizing there was a faster checkout option available.
So prioritize the digital checkout options for users that choose to use it, and make use of billing/shipping information from the digital wallet APIs. Make manual form fields available (suggest that form fields also make correct use of autofill attributes) for users who don't have access to or choose not to use the other payment options.
Demo site available with this in action: https://paydemo.withgoogle.com
FYI, if you're looking to integrate Google Pay into your site and are using a JavaScript framework, consider using the framework specific components from Google Pay for easier integration: https://github.com/google-pay/google-pay-button
Our client has asked us to build a Shopify site that ties into their in-house customer db (with or without using Salesforce). Is this even possible? Does Shopify support any method of cross-site database querying?
The only thing I can think of to accomplish this is to write a webhook on their in-house server with a simple read-only mini DB query API. However, as that I'm not super familiar with Shopify's more obscure capabilities (and having already spent quite some time sifting through their docs and running google searches on the matter with absolutely zero results), I'm not even sure if this is possible.
Are we barking up an impossible tree, or is this something that can actually be accomplished?
Thank you in advance for any help you can give.
What I have understood from your description is you already have an external database with user login details and you want to use the same for authentication in Shopify. If yes, then it is possible with Shopify Multipass feature. This feature is only available for Shopify Plus plans. From the Shopify Multipass docs
Multipass login is for store owners who have a separate website and a
Shopify store. It redirects users from the website to the Shopify
store and seamlessly logs them in with the same email address they
used to sign up for the original website. If no account with that
email address exists yet, one is created. There is no need to
synchronize any customer databases.
For your particular scenario, you would have to validate user credentials with your external database, generate multipass url and redirect.
Yes your requirement is quite possible. But the method i am going to mention is a hack basically. Below are the steps:
Create Login page/Account creation page in Shopify
When the user does a login/create account you send the information to your server via below methods
JSONP request
Creating a iframe of your domain and passing the information in the iframe
Now, you validate the user credentials at your server
After validating you check if the user is present in Shopify. If not you create the user with a password. API Link
Make sure you save the user password you push into Shopify at your end also.
Now when you have completed authentication of the user, return back Shopify username and password
Create a hidden form in Shopify liquid file and pass the credentials in the respective fields and submit the form and user should be able to log in with the existing password they have!
I have developed a Shopify app, I wonder if we can perform the following functionality :
when a customer has logged in to his account on the store I want to also log him into my app, in another word I want to make a customer account is the same as his account on my app.
One thing you know. A customer logged into a Shopify store has a visible ID to Javascript. You could thus use an App Proxy to securely pass back their ID to your App. Using that ID, you can offer functionality to that customer, in your App. As long as you restrict access to the Proxy, you'd be A-Ok security wise.
If you wanted to allow access to the App without Proxy calls, you'll have to put into place your own security, which as we know from experience, will likely be weak and or a calamity. Most people should never roll their own security patterns. If they login to the App, without Shopify Plus Multipass, you cannot log them into Shopify. So you have no other options AFAIK.
I am trying to make a plan to update my client's shopify stores by building Shopify app or using external library. Basically, I want to provide my clients with some convenience by automating the inventory update, order process and extra stuff.
For now, I have only two scenarios.
Whenever my wholesale inventory changes, i want to update my client's shopify product list to be updated (quantity, price and product description) accordingly.
Whenever my client(shopify store owner) receives an order from his/her customer, i want the order information to be automatically transferred to my server.
If possible, I want my clients to be able to integrate with my application without any tech knowledge. I have looked into the Shopify app (public/private) and some external API(java), because I am a java developer.
I checked Shopify Java library which requires api key and password to be able to access shopify owner's store for product/order access, but I am not sure how user-friendly this approach is in terms of Shopify owner's side.
For Shopify public app, I am not familiar with it, so I am not sure how much I can do with it.
Could somebody provide some details about pros/cons about these approaches?
Thanks.
All you need to know is that with Shopify, you can connect to their shop using standard HTTPS. Even better, it's all GraphQL now. As for credentials, Shopify is fully modern and offers you two methods of getting credentials.
Your merchant client can create credentials with permissions right inside their Shopify Admin -> Apps. They give you the keys, you're in business
You get them (or you) to simply click install your App running at some HTTPS address, and you use oAuth to get the credentials.
Either way, makes no difference to the actual code you write to interact with their shop and deal with inventory, sales etc. You do not need to make your App public in the sense of App store, so you can use your partner dashboard to create an App and oAuth install, or like I said, use the private App way.
A client I work with wants to know if it's possible to use the Yodlee API to look up recent transactions on any credit card.
They'd like it to work without the user needing to be signed up with Yodlee, either directly at the site, or indirectly through a branded partner.
I assume this would be possible if the credit card company itself shared it's transaction data with Yodlee directly, and made it available to their API customers, but I haven't been able to figure this out from the docs available on their website, and haven't been able to reach anyone at Yodlee themselves to ask.
I work for Yodlee. Sorry to hear you're having a hard time getting a hold of us. To answer your question, yes the user has to explicitly authorize any application that leverages the Yodlee API and explicitly add access to their financial accounts for that application.
Best,
Grace
Yodlee screenscrapes websites to retrieve it's information.
Which means that they physically (but in an automated fashion) visit the website in a browser (IE8). Thus to pull any information down they have to visit the website, log in successfully, (optionally but more so on more banks; authenticate the computer) and then they can see all of the information that the user sees. Their API acts as a real time bridge between you (the end user using your website or app) and this browser.
So you have to either implement their very much so convoluted Yodlee API or use one of their generic hosted pages and direct the user to it where upon he/she enters the necessary information. You also have to have an agreement with them too. You also have to convince the user to do it :)