Single Sign-On (SSO) Integration
6 min
overview & purpose single sign on (sso) allows users to log into onprintshop using credentials from an external identity provider (idp), such as azure ad, google workspace, okta, or any saml/oauth2 compliant system this streamlines the login process and enhances security for enterprise customers to set up sso login for the store, follow these steps how to integrate head over to the onprintshop admin panel and go to the store configuration >> external service settings >> sso tab >> single sign on >> edit option general settings based on compatibility and security needs, the administrator must configure single sign on (sso) by selecting the target store (default store or b2b store) and choosing an authentication protocol, such as oauth2 openid connection saml (security assertion markup language) after selecting the authentication protocol, the admin can toggle the ‘restrict user registration’ setting to allow only pre registered users to log in via sso, preventing automatic account creation for new users when enabled, debug mode logs detailed authentication activity to help diagnose and resolve issues during the sso login process authentication settings when the protocol oauth2 or openid connection is selected, the fields for the authentication settings appear the same the required details—such as metadata url, client id, client secret, redirect url, authorization url, access token url, and user info url—can be obtained from your chosen sso provider, such as okta, azure ad, or others when configuring authentication settings with the saml protocol, administrators can either upload a metadata file or provide the identity provider’s metadata url to automatically retrieve the necessary login configuration details attribute mapping after entering the authentication details, the administrator must configure attribute mapping to link user attributes from the identity provider (such as okta, azure ad, etc ) to the corresponding fields in onprintshop this ensures that user information is accurately captured and stored during sso login sign up/login variable the provided variable enables sign up or login functionality navigate to the admin panel >> stores >> configuration tab >> page personalization you’ll find three separate buttons for configuring the login, registration, and reset password pages to set up sso, go to the login page, paste the provided sso link into the designated block, and click save this will activate the sso login feature