Dedicated to the Hydrogen framework, headless commerce, and building custom storefronts using the Storefront API.
I am building a shop frontend via Hydrogen. I want my customers to have a passwordless login. Since Multipass is only available on Shopify Plus, I’d like to use the new customer accounts feature to achieve that.
How do I implement the customer login? The customerAccessTokenCreate function requires a non-null password. Are new customer accounts already supported via Storefront API?
I think I found the answer by myself: The new customer accounts run under a separate URL and it is not possible to use them with Hydrogen at all, which makes them from a user experience perspective pretty useless. When you use both a Hydrogen storefront and new customer accounts together, they feel like two separate things that have nothing to do with each other.
Instead of new customer accounts implemented like this I'd rather like to see a Storefront API rely on customer login via SAML, OpenID Connect, etc, which is like the Multipass feature of Shopify Plus. For the non Multipass, non Shopify Customers, Shopify should provide an identity provider that supports customer authentication via one time email code, Passkey, FIDO2, Windows Hello, YubiKey, etc. With an implementation like this, you'd get the best of both worlds, classic and new customer accounts – and you can upgrade to Shopify Plus with Multipass with less effort.
Precisely!
We have the same issue. This new passwordless login effectively disables any form of integration with external IAM / SSO toolsets. Also, the new style login is a prerequisite for the b2b functionality, so it leaves one with no option but to have b2b customers login through one's choice of auth into one's ecosystem, and then again with Shopify passwordless. Then one still needs to give careful consideration to the state of each login, because they are independent of each other, and erroneous session-state scenarios can therefore arise.
We need a more elegant approach like H5k says, that better integrates into external SSO and MFA.
After several weeks of trying, it appears as thought Shopify has finally tied most of the pieces together. I was using this guide since early Feb, then about 2 weeks in they completely switched out the docs, as of this week "Javascript Origins" is now available in the "Customer Account API" adding URIs here got everything work with the Hydrogen broiler, but Orders are currently erroring out on "status".
https://shopify.dev/docs/custom-storefronts/building-with-the-customer-account-api/hydrogen