Single sign-on allows end users -- that is, customers of your store -- to authenticate with Elastic Path Commerce Cloud using an external authentication provider. Using an existing authentication provider allows for integration with company-specific or customizable authentication systems. In some cases, it can also simplify the experience for end users because they don’t need to remember another password.
When users need to authenticate, they are redirected to the single sign-on provider, which then communicates the result of the authentication process back to Elastic Path Commerce Cloud.
You can set up Elastic Path Commerce Cloud to allow single sign-on for end users, using the OpenID Connect standard.
When users authenticate using an external authentication provider, authentication details, such as username and password, are neither stored on nor sent through Elastic Path Commerce Cloud.
Authentication realms contain general options for configuration, sets of single sign-on profiles, and user mapping information between Elastic Path Commerce Cloud, and the external authentication provider.
Commerce Cloud comes with a per-store pre-set realm for customers: users who buy products from your store.
Authentication Providers and Commerce Cloud
Elastic Path Commerce Cloud supports many OpenID Connect compatible authentication providers. For more information, see Authentication Management.