Join us for an upcoming Shopify Partner webinar on February 27, 2024. Discover the latest Checkout Extensibility features, and deep dive on improvements to Shopify Functions and Web Pixels. Register now for either the 10am EST or 2pm EST sessions.

Is it possible to require an account before allowing Login on B2B stores?

emalueg
Shopify Partner
9 0 3

We have a B2B store meant for our existing retailers.  
The store offers discount pricing our resellers, but each potential customer must be approved and under contract before they can make a purchase.

The Shopify B2B / 'New Customer accounts' login experiences asks them to enter an email address, to which a 6 digit code is sent and they must enter that code to 'log in' to the store.

The issue is that even if that email address does not have an existing customer account, Shopify will send the code and allow them to log in with it.  It even *creates* a new customer account in the store for them.  And that account, since it never went through a 'create account' form or process, has no information other  than email address.

We need the login process to *verify* that they are a customer, not let them in regardless.

Is this a configuration issue that we are missing?  How do we require a customer account to exist before it can be logged into?

Replies 4 (4)

Brett_Helium
Shopify Partner
182 36 63

Hey @emalueg!

If you are using the new customer accounts system, anyone can submit their email address to login to an account. However there are a couple of methods in which you can protect your site:

If you are on Shopify Plus and using the native B2B features, you can enable Shopify's setting for "Restrict access to B2B customers only" which can be found in your Shopify admin > Online store > Preferences. With this setting, you will need to manually assign a customer account to a company record before they are able to actually log in and access the site at all.

If you are not using Shopify Plus' native B2B features or want something a bit different, one possibility would be to use some apps such as Locksmith and Customer Fields. Locksmith is an access control app which allows you to restrict access to the entire site, or things like certain pages or seeing prices, and you can do this based on the customer account having a specific tag. The advantage of this method is that with the Customer Fields app, you can have potential customers submit their own information using a form on your site, and then gives you the option to approve/deny the request and automatically add the tag to their account, giving them access to the site. Using a tag based lock means that even if a user was to log in directly through the new customer accounts system, they would not actually gain access until they get approved through the form.

Brett | Helium
Helium builds apps that thousands of merchants depend on:
- Customer Fields ✪✪✪✪✪ (330+ reviews)
- Meteor Mega Menu ✪✪✪✪✪ (250+ reviews)
emalueg
Shopify Partner
9 0 3

Thanks for the reply!

We certainly can add code that restricts customers based on a tag or other criteria, but my main concern is *these shouldn't be customers*.  

We shouldn't have to add extra code or apps to restrict access, when the simple concept of 'login' should.  But instead of authenticating a customer, its creating new customers.

Is there no way to simply turn off the automatic creating of customers? To separate 'login' from 'registration'?

Brett_Helium
Shopify Partner
182 36 63

While I personally agree, from what I understand of the way the new customer accounts system works, this is not currently possible natively. The closest native option for this would be the Shopify Plus setting for "Restrict access to B2B customers only".

Brett | Helium
Helium builds apps that thousands of merchants depend on:
- Customer Fields ✪✪✪✪✪ (330+ reviews)
- Meteor Mega Menu ✪✪✪✪✪ (250+ reviews)
emalueg
Shopify Partner
9 0 3

Ok, thanks for the information.
Not the route I'd prefer, but i at least know my options.