Passwordless login for customer accounts?

New Member
2 0 1

Hi - I'm wondering what it would take to enable passwordless login for customer accounts. I see that Shopify integrates with Auth0 but it looks like that's only for the store owner profile, not customer accounts...are there any existing apps or would it be possible via custom development?

1 Like
Shopify Staff
Shopify Staff
444 20 49

Hey, there!

My name is Ava, I’m one of Shopify’s Gurus and I’m here to help :)

Letting customers log into their account without entering a password would not be something that would be possible at the moment I'm afraid. They would need to enter a password in order to access their account.

You can use this app as a workaround though. It is a social login app, meaning your customers can use their social media accounts to sign into their account in your store!

Would that option work for you?

Let me know if you have any more questions, happy to help!

Ava

Social Care Guru | support@shopify.com

Ava | Social Care @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit the Shopify Help Center or the Shopify Blog

1 Like
Highlighted

Hi Julie,

 

A few days ago, our Passwordless Social Login app was approved, and it'll allow customers to log in to your store without a password.  All they have to do is provide an email to us, and we'll send them a magic link that logs them in to the store.  The Elite plan also includes social logins via Facebook, Twitter, LinkedIn, and Google.

 

https://apps.shopify.com/dimension-passwordless-login

 

https://login.dimensionsoftware.com/install

 

If you want to see it in action on a live store, check out Live Tinted:

 

https://livetinted.com/

 

The login process goes like this:

 

https://gfycat.com/helpfulresponsibleantelope

 

Click on the person icon on top-right corner to get started.

1 Like
Tourist
8 0 1

Hi Ava, Can you explain a little bit deeper how this social login app work? Thanks!

0 Likes
Hey jhcao23,

my name is Ben with Dimension Software and our app Passwordless Login + Social uses a similar but bit more secure approach for both users wanting and not wanting to use only social login.

For those wanting to use an email, it sends a temporary code to your email and once you Verify it automatically logs the user in and signs them up. For Social Login, we have integrated all major services currently available and we’re happy to add any that your business may need.

Check us out:
https://apps.shopify.com/dimension-passwordless-login

Try it out on a live Elite Plan example:
https://www.livetinted.com/

If you have any further questions or want to try it out we’d be happy to get you set up for free and test out! Hit us up at support@dimensionsoftware.com and we can go from there!

We are being used on 51 sites and the feedback has been tremendously positive on both the user and store owner side.

Cheers,
Ben
0 Likes
Shopify Staff
Shopify Staff
444 20 49

Hey, @jhcao23!

 

Sure, happy to chat :)

 

To echo what Ben said above, the social login app works by allowing your customers to log in to their customer account on your store by using their social media account logins rather than creating/using a specific customer account password and username. Using existing login information from a social network provider like Facebook, Twitter, or Google, the user can sign into a third-party website instead of creating a new account specifically for that website.

 

Usually, especially when browsing via mobile, customers will leave all of their social media accounts/apps logged in. So if you use an app like the one I suggested above, you can log into your customer accounts on specific websites using the same username/password credentials you use to log into your social media accounts. This saves some time, as you can hit the 'login via Facebook' button so you do not have to remember different passwords for different websites.

 

Let me know if you have any more questions, happy to help!

 

Ava

 

Ava | Social Care @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit the Shopify Help Center or the Shopify Blog

2 Likes
Tourist
8 0 1

Hi Ava,

 

Is this app an official app from shopify? If not, I have a security concern.

I looked through shopify developer docs, shopify officially only provides email/password signup method that user must click the activation link from their email to active account; so developer's backend can programatically create one customer (end user or buyer) account through shopify REST API. So when the users signup with social account, who will create the 'fake' email for them and 'click' the link from the 'fake' email? Does that mean the third party app ultimately control the end users' 'fake' email/password?

 

Thanks,

John

1 Like

@jhcao23Regarding your questions about social login apps on Shopify:

 

> Is this an official app from shopify?

 

No, none of the social login apps available from the Shopify App Store were created by Shopify.

 

> So when the users signup with social account, who will create the 'fake' email for them ...?

 

Why use a fake email address when the 3rd party (whether it be Google, Facebook, or Twitter) gives us a real email address?  When these apps delegate authentication to a 3rd party via OAuth, the 3rd party gives us some information about the user, so this is what's used by the various social login apps to programmatically create a Shopify customer that can log in to your store.

 

https://help.shopify.com/en/api/reference/customers/customer#create-2019-07

 

Also, if you notice the last example from the above link, customers can be autoactivated through the API in case you want to skip the activation email which makes sense when you're doing OAuth, because why ask them for another confirmation when they already authorized you via OAuth.

 

Check us out on Shopify's App Store:
https://apps.shopify.com/dimension-passwordless-login

If you have any further technical questions or want to get a store fitted with Passwordless, we’d be happy to get you set up! Can also reach us at support@dimensionsoftware.com - Hope this helps. 

0 Likes
Tourist
8 0 1
so what's the end user's email address? Assuming you are the developer of
the 'shopify social login app', you should send request API
'/admin/api/#{api_version}/customers.json'
to shopify.com, then how do you fill the 'email' field? Thanks!
0 Likes

@jhcao23 - I'm one of the developers of Passwordless Social Login which is one of many social login apps for Shopify.

 

The end user's email address is whatever the 3rd party tells us.  For example, suppose a customer initiates a Facebook login. 

  • Our code uses the passport-facebook library to redirect the customer to Facebook.
  • If it's the first time, Facebook will ask the customer if it's OK to authorize our app for login purposes.
  • If the customer confirms that it's OK, then Facebook will redirect back to our app and give us information about you.  Your email address is often of the things returned, and it's the email address you used to register at Facebook.  See http://www.passportjs.org/docs/profile/ for other data that may be given to us.
  • With this information from Facebook, our app can create a new customer using the email provided by Facebook.
  • Finally, once a customer object exists on the Shopify side, our app can initiate the actual login into the store.
0 Likes