Storefront Weburl Checkout Logged In

Solved
amiewilt
New Member
3 0 0
 
We have a react native app that currently supports a Shopify store through a web view. We are redoing the app and building out the store using react native, and we're using Shopify's webUrl for checkout. We authenticate the user prior to viewing products and then get an access token to pass in checkoutCustomerAssociateV2, however the user's info isn't populated and rather they are prompted to log in again via a "Login" link.
 
How can we avoid the user having to log in again through the webUrl checkout view?
0 Likes
hassain
Shopify Staff (Retired)
Shopify Staff (Retired)
624 103 134

This is an accepted solution.

Hi @amiewilt 

 

What you are describing is a known use case. Having customers auto-logged in when they re-direct from the API to Web Checkout is a security issue. Since the checkout URL is unauthenticated, then you'd have a checkout URL that could be shared or stored that gives direct access to a customer's details. So when a customer is associated with a checkout, we require them to re-login to validate that they have access. You can read more about the issue here.
 
If you are using the Mobile SDKs, this can be resolved by passing the customer access token through the custom header of “X-Shopify-Customer-Access-Token” in your request to load the web checkout URL. See here for more details.
 
On web, the only way to accomplish this right now would be to use Multipass and its API to associate the customer accounts instead of using the mutation “customerCheckoutAssociatev2”. This will allow customers to be logged in and be directed to checkouts while remaining logged in. However this functionality is only available for Shopify Plus merchants right now.
 
 

Hassain | Developer Support Specialist @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Click Accept as Solution 

0 Likes
karmelcorn
Tourist
7 0 3

What is different between Storefront API and Mobile SDK? 

Why can't we similarly use custom header of “X-Shopify-Customer-Access-Token” in your request to load the web checkout URL. for Storefront API?