Our Partner & Developer boards on the community are moving to a brand new home: the .dev community forums! While you can still access past discussions here, for all your future app and storefront building questions, head over to the new forums.

Is there any API available that verify customer email and password is valid ?

Is there any API available that verify customer email and password is valid ?

Jigar_Mistry
New Member
4 0 6

Verify Log In credentials API

I Create a new customer with password and password_confirmation using API POST /admin/customers.json sucessfully.
Is there any API available that verify customer email and password is valid so allow to log in in application using same ?

Please advise.

Replies 9 (9)

Sabir_Arora
Visitor
3 0 0

Is there any update on this Customer Login Verification API.

Due to this, the crucial mobile app customers, having account on store, would not able to login to the mobile app version using the same account.

Please help, if anybody has found the solution or suggest any efficient alternative.

gballard
Explorer
67 0 22

If you have the user's username and password, you could simply POST them to the store's /login endpoint. If you get redirected to the customer account page after that, you have the right credentials.

Founder & CEO at Disco Labs; Author of "The Definitive Guide to Shopify Themes".

Judopro
Shopify Partner
15 0 3

Have you come up with a solution or wrote a code already? I am facing the same issue and looking for a solution

Jason_Peterson
Shopify Partner
3 0 0

I am also in need of a "Customer Login Verification", has anyone come up with anythying else besides the /login endpoint POST?

Thanks!

HunkyBill
Shopify Partner
4853 60 569

How is this an issue? If you have the customer's email and their password (and let us not go down the road to that bit of insanity) then it is simple to validate if it works. Use the front-end as Gavin suggests, or use the API to do a call to the customer endpoint and examine the record you get back for validity. 

The only thing this issue raises is why in the first place is a merchant setting up an account with a password. That is so wrong on so many levels. 

Custom Shopify Apps built just for you! hunkybill@gmail.com http://www.resistorsoftware.com

Jason_Peterson
Shopify Partner
3 0 0

I am not using this to set up an account or anything like that.  I need to verify the Customer is who he says he is before looking up order information to validate an Order to activate a service.  Is there another way to do this I am missing?

Thanks again!

HunkyBill
Shopify Partner
4853 60 569

Indeed. Use this sane pattern everyone else uses. One, force the customer to login to your Shopify store with their account. That means the email address is now for sure, your customer. So now if your so-called validator service gets an email to play with, you can use the secure callback from Shopify to look up the email and ensure it is the same as the logged in customer, since you can send yourself the logged in customer ID too. Now you can be sure the customer is who they say, and go to town. 

Custom Shopify Apps built just for you! hunkybill@gmail.com http://www.resistorsoftware.com

Jason_Peterson
Shopify Partner
3 0 0

The verification is needed on a device without a browser...  Can you elaborate on the "secure callback from Shopify"?

HunkyBill
Shopify Partner
4853 60 569

A device without a browser? Now you're off on your own. But since it is an internet enabled device, use it to contact your App where you do your own verification. 

My earlier expose was pointing out the obvious use of an App Proxy to validate front-end info, like an email address. 

Custom Shopify Apps built just for you! hunkybill@gmail.com http://www.resistorsoftware.com