Intershop Commerce Management supports logging in clients via SSO (see Concept - Single Sign-On (SSO)).
The PWA uses the library angular-oauth2-oidc to support an easy configuration for providing access to identity providers.
After setting up the ICM side with the identity provider, an implementation for the interface IdentityProvider, provided in the IdentityProviderModule, has to be added.
For development purposes the configuration can be added to the Angular CLI environment files:
identityProvider: 'Auth0',
identityProviders: {
'Auth0': {
type: 'auth0',
domain: 'some-domain.auth0.com',
clientID: 'ASDF12345',
}
},For production, this configuration should be provided to the SSR process via environment variables (see Building and Running Server-Side Rendering).
The usage of identity providers can also be set in the multi-channel configuration (see Building and Running nginx Docker Image).
pwa:
environment:
IDENTITY_PROVIDER: 'Auth0'
IDENTITY_PROVIDERS: |
Auth0:
type: auth0
domain: some-domain.auth0.com
clientID: ASDF12345SSO with Auth0 for PWA
Follow this guide to set up an application in the Auth0 configuration.
The PWA contains a default SSO with Auth0 identity provider implementation located in the Auth0IdentityProvider.
Use the configuration fields domain and clientID for configuring the provider.
Business Cases
Create New User
| Authentication Provider | Route in ICM e-mail | Behavior of PWA |
|---|---|---|
| ICM | /invite | Redirect to /forgotPassword/updatePassword |
| SSO | /invite | Redirect to SSO provider |
User Forgot Password
| Authentication Provider | Route in ICM e-mail | Behavior of PWA |
|---|---|---|
| ICM | /forgotPassword/updatePassword | Show change password form |
| SSO | /forgotPassword/updatePassword | Redirect to SSO provider |