We have a web application that uses Auth0 for authentication, and we want to allow Shopify users to log in to our application with their Shopify credentials.
I read through multipass, it allows login through multiple stores under the same store owner.
What we are aiming for is to allow different store owners to log in to our application with their Shopify account, something like login with a Google account.
Since Auth0 does not natively support this multi-store Shopify login directly, it sounds like you’ll need to set up a custom Auth0 connection, using Auth0’s Custom Social Connections resource. This extension allows you to configure your own OAuth 2.0 connection, which you can point to your custom OAuth implementation.
The flow would be, when a merchant logs in they would be directed to Shopify’s OAuth authorization URL, which would include your app’s client ID and the requested scopes, they would authorize your app to access their store data and then redirect back to your application with a temporary authorization code. Your app would then exchange this code for an access token by making a POST request to Shopify, and this access token would be specific to the store and the app.
This might not be the most elegant solution though - so hopefully other devs can suggest a flow that’s more efficient and easier to implement.