Multipass identifier

Retired Boards Appdev Authentication

Topic summary

Main issue: how to use and set the multipass_identifier for existing Shopify customers, especially when they were created via guest checkout.

Key points:

  • multipass_identifier is a unique per-customer value used by Multipass SSO. It’s not the store secret; typically it’s the user ID from your own auth system. Shopify stores whatever you set; it doesn’t generate this value.
  • For existing customers, set it via the Customer API so it matches your site’s user identifier.

Problem raised:

  • Guest checkout creates a Shopify customer with a null multipass_identifier. Later Multipass login with the same email can fail: “Invalid Multipass Request… email address is already used by another customer (with a different Multipass identifier).” Concern: Shopify appears to treat null as a conflicting value and blocks first-time Multipass login. Request for Shopify to honor setting the identifier on first login remains unanswered.

Workarounds/practices:

  • Don’t include email when updating multipass_identifier; update only by customer ID.
  • For null cases, generate/store a new identifier in your system and update Shopify via API (cURL PUT to /customers/{id} with multipass_identifier).

Status: No official resolution; discussion open.

Summarized with AI on December 23. AI used: gpt-5.
1

Hello,

Looking at the Shopify multipass I came across this:

FAQ> > Some of my customers have already placed orders on Shopify. How do I update those customers so they can login through multipass?> > You can use the Customer API to set the multipass_identifier for the customer. You will need to use the identifier with all your multipass requests for those customer accounts

Can someone explain how this works regarding an existing customer? What is multipass_identifier? Is it the secret from the store?

On the Customer API, the multipass_identifier = A unique identifier for the customer that’s used with Multipass login.

How exactly do I find out what the multipass identifier is? Or its value?
Is there a place where I can find more documentation?

Thank you.

Looking forward for your response

2

Hi Bitzu,

The multipass_identifier is a unique identifier for each user that is used by Multipass to identify the customer. The multipass_identifier is not the secret from the store, it is a unique value for each customer, and it should be the same on both your website and Shopify. This can be any string, but it must be unique for each user. It’s usually something like a user ID from your main site’s user system.

To use Multipass with an existing customer, you would need to set the multipass_identifier for that customer to their unique identifier from your website’s user system. This can be done via the Shopify Customer API. Once this is set, you can use Multipass to log that customer into Shopify automatically when they’re logged into your main site.

To find out what the multipass_identifier is for a particular customer, you would need to look it up in your own system, because it is a value that you set based on your own user identifiers. Shopify doesn’t determine this value; it only stores it once you’ve set it.

Hope this helps!

1 Like
3

Hello Liam,

There are cases where even the store owners will not know a user’s identifier from our user system ahead of time. Consider when a customer exists in the Shopify store but not in our system, because they have not logged in before. Take this scenario, when a customer completes a guest checkout on a store with Multipass enabled:

  1. A new customer completes a guest checkout, in which they provide their email for order details etc but never “log in” to our store.

  2. Shopify creates a customer record at this point, with a null multipass_Identifier

  3. At some time in the future, that customer returns and tries to log in with the same email they provided for previous guest checkout, they successfully authenticate with our third party authentication service and are redirected to our store, where Shopify blocks the login with the message:

“Invalid Multipass Request. The given email address is already used by another customer (with a different Multipass identifier)”

It seems in this case, Shopify is rejecting the login because the provided multipass_identifier from our user identification system does not match the null value Shopify has stored as that customer’s multipass_identifier. null is being treated as a value in this case, instead of the absence of a value. Can Shopify honor the setting of a customer’s multipass_identifier if it detects this is the first time the user is logging in?

Please Advise,

Billy

1 Like
4

On my road to multipass for fun and profit - I realized that you don’t set the email to update the users multipass identifier or it dies.

I too had the same “NULL” problem so I went through and just created a new multipass for those null users and stored it in my DB.

It has everything to do with the customer id - so keep that in mind.

#!/bin/bash 
YOUR_STORE="your-store-name"
CUSTOMER_ID="numeric-customer-id"
MULTIPASS="mutlipass-identifier"
TOKEN="your token"

curl -X PUT "https://${YOUR_STORE}.myshopify.com/admin/api/2024-07/customers/${CUSTOMER_ID}.json" \
-d '{"customer":{"id":'${CUSTOMER_ID}', "multipass_identifier" : "'${MULTIPASS}'"}}' \
-H "X-Shopify-Access-Token: ${TOKEN}" \
-H "Content-Type: application/json"

Hope this helps!