Redefining the Login Layer for Commerce
Building Bolt SSO Commerce™
One of the key value-adds of Bolt’s checkout experience is that creating a one-click account is effortless. This is incredibly useful for shoppers, because when they return to a Bolt checkout anywhere across the web, they can use their saved shipping and payment information for a one-click checkout experience. However, these one-click accounts are separate from the individual store accounts that shoppers use to view past orders, access their wishlist, and more. With the introduction of SSO Commerce, we unify these two experiences by providing Bolt’s best-in-class login and store account registration as a service. Not only does this make it easier and more secure for shoppers to access their store accounts using Bolt’s passwordless login, it also allows us to leverage our seamless in-checkout registration experience to create more store accounts for our retailers without impacting conversion. Read on to learn how we built SSO Commerce, which is redefining how retailers can engage with their customers.
Under the hood, SSO Commerce leverages the OAuth 2.0 and OpenID Connect (OIDC) standards for providing authentication services to third parties. These are the same technologies powering social login buttons like “Login With Google/Facebook/Apple.” However, SSO Commerce differs from these other products because it is specifically built for commerce.
In order for SSO Commerce to provide shoppers a single, unified account experience, we needed to ensure that all login points on a retailer’s site (i.e., the “My Account” or “Add to Wishlist” buttons that direct shoppers to login walls) could be authenticated and powered by Bolt. This is where we used OpenID Connect to allow retailers’ platforms to request information (i.e., user ID) about authenticated Bolt users. The platform, in turn, used this information to create or log in users in its own system.
When it came to deciding whether to use OAuth/OIDC, SAML, or a custom protocol, OAuth/OIDC made the most sense because it’s currently the most popular method for authentication via a third-party service. SAML is more popular for enterprise, business-to-business (B2B) websites, and building our own custom protocol meant extra work to support additional functionality in the future. With OAuth/OIDC, a lot of what we might want to build has already been thought out and incorporated into the protocol in a secure way.
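The platform-side step described above, where a retailer's plugin receives an OIDC ID token and creates or logs in a store user, can be sketched as follows. This is an added example, not Bolt's or any plugin's code: the issuer URL, client ID, secret, function names and the choice of HS256 signing are all assumptions made so the sketch runs with the standard library alone.

```python
import base64, hashlib, hmac, json, time

ISSUER = "https://idp.example"         # placeholder issuer, not a real Bolt URL
CLIENT_ID = "store-plugin-123"         # hypothetical client_id of the retailer plugin
CLIENT_SECRET = b"constructed-secret"  # constructed; HS256 is assumed for brevity

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def make_token(claims, key=CLIENT_SECRET):
    """Build a constructed HS256 ID token so the demo has an input."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def verify_id_token(token, nonce, now=None):
    """Return claims only if signature, iss, aud, exp and nonce all check out."""
    head, body, sig = token.split(".")
    if json.loads(_b64d(head)).get("alg") != "HS256":  # pin the algorithm
        raise ValueError("unexpected alg")
    want = hmac.new(CLIENT_SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, _b64d(sig)):
        raise ValueError("bad signature")
    c = json.loads(_b64d(body))
    aud = c.get("aud")
    if c.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    if CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if c.get("exp", 0) <= (now or time.time()):
        raise ValueError("expired")
    # The nonce ties the token to the login request this browser session started.
    if not hmac.compare_digest(str(c.get("nonce", "")).encode(), nonce.encode()):
        raise ValueError("nonce mismatch")
    return c

def login_or_create(store_accounts, claims):
    """Key the store account on (iss, sub), not on email, which can change."""
    key = (claims["iss"], claims["sub"])
    created = key not in store_accounts
    account = store_accounts.setdefault(key, {"email": claims.get("email")})
    return account, created
```

A production relying party would normally verify an asymmetric signature against the provider's published keys; the claim checks and the account keying stay the same.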
We also needed to implement the OAuth Authorization and Resource server protocols in our backend (Hail), which involved several new endpoints. To implement these endpoints, we had a few different options:
In addition to the work required in the backend, there were also several frontend changes for SSO Commerce, which is a customer-facing login layer on our retailers’ sites. We also needed to ask for a user’s consent in two key places in order to create store accounts on behalf of our retailers:
If a shopper already has a store account with that retailer, we simply log them in. Logging into the store account in all instances involves the following steps:
One of the biggest areas of focus for Bolt is building products that work across multiple shopping platforms. From BigCommerce to Magento to Salesforce Commerce Cloud (SFCC), our retailers use a diverse set of platforms to power their sites, and it’s important for us to create products that are built with this in mind. Below are some examples of specific plugin changes required to build SSO Commerce:
In order to build out a full OAuth/OIDC-based authentication system, a substantial amount of engineering work was required to implement both sides of the protocol. That’s why we’ve taken so much care to ensure that integrating SSO Commerce is as simple as possible for our retailers. Rather than asking them to build the client-side functionality on their own, these plugins do the vast majority of the heavy lifting. From a retailer’s perspective, integrating with SSO Commerce is as simple as turning on the feature and adding a button to their website to initiate the login/registration flow.
We are thrilled to build a feature that prioritizes retailers’ growth while simultaneously providing a more secure account experience for shoppers. With SSO Commerce, retailers can easily acquire more customer accounts and replace their lengthy registration processes with a simple checkbox. As for shoppers, they log in as they normally would on a retailer’s site, except without the burden of remembering countless username and password combinations. SSO Commerce is redefining the login layer for commerce and starting the shift towards personalized, rewarding shopping experiences becoming the default for independent retailers. We couldn’t be more proud to announce its launch to the market today.