Shopify Multipass is an advanced feature that ensures safe and frictionless login for customers from one merchant’s website to another. But why is there a need for this?
Some merchants use a separate website for their main content and online stores. Some also own multiple brands that naturally require separate websites that require login credentials for full access.
While there is nothing wrong with that, one problem that we’re seeing when switching from one website to another, from the perspective of customers, is the hassle of being required to log in repetitively. Most customers would see it as an unnecessary step, leaving them inconvenienced and frustrated. Ultimately, they bounce off the site and you will never hear from them again.
In this article, we will explain why it is important for Shopify store owners to enable multipass login in their websites for the benefit of the customers. We will also teach you how to use, activate and use multipass on your Shopify store.
Lastly, we’ll be showing you the alternatives to the Multipass so you don’t have to spend lots of money for it. Let’s begin.
What Is Shopify Multipass?
Source: MiniOrange
Shopify Multipass is a proprietary feature that provides single sign-on (SSO) capabilities for websites that are owned by a single entity. This enables customers to access multiple online platforms using the same email address and account credentials.
Multipass works by allowing merchants to integrate their existing customer databases (not stored in Shopify servers) with their Shopify store, making it possible to allow SSO for seamless inter-platform navigation.
This is very secure because Multipass systems generate tokens that are encrypted so that only Shopify can verify them, thereby providing secure access from the merchant’s main site going to their online store that is linked through Multipass.
With Multipass, customers can easily shop and engage with the merchant's offerings across different channels without the hassle of logging in multiple times.
Read more: Shopify Audiences 101: The Ultimate Guide [2024]
Instances Where Multipass Is Needed
Here are the instances where we highly recommend using Multipass for your Shopify store.
01. Merchants use a separate website for the main content and online store
Source: Daiwa
A merchant maintains a separate website for their main content, such as articles, videos, and tutorials, but uses a Shopify store exclusively for selling merchandise.
By requiring their audience to log in on a separate website, the merchant can use Shopify Multipass to synchronize customer accounts and enable SSO.
This seamless transition eliminates the login friction, thereby increasing the chances of providing a delightful shopping experience. This could lead to customers deciding to purchase from their stores.
02. Merchants need more content flexibility from other CMS and use Shopify for selling
Source: AWS Gear Shop
A merchant uses their original website for advanced blogging needs, providing in-depth content and utilizing SEO flexibility. Within the content, CTAs for the merchant’s products are provided, and by clicking on them, customers are redirected to the Shopify store.
When the readers on the original website are required to input their login credentials on both platforms (including the online store), using Shopify Multipass ensures that customers only need to log in once.
This efficient transition from content consumption on the original website to shopping on the Shopify store creates a cohesive experience for customers. By linking the two platforms, the merchant can retain customer engagement and drive more sales.
03. Other similar scenarios
Source: Bumble
Where customers are needed to log in across your websites, we highly recommend using a Multipass login. Because as mentioned, it eliminates the need for repetitive requests when an email address exists already in the database,
It is then replaced by a seamless and automated process which the customers will surely appreciate.
Quick read: Shopify Collabs - Everything You Need To Know
Benefits Of Using Multipass
Source: Geeks For Geeks
Before we move on to the more technical part of this article, in summary, here are the benefits of using Multipass on Shopify:
01. Seamless customer experience: Shopify Multipass provides a unified login system that seamlessly redirects users from a separate website to the Shopify store, maintaining a consistent shopping journey.
02. Data security: Not relying on proxy-based systems and instead using Multipass requests enhances data security and ensures customer record integrity within customer databases. This protects sensitive customer information across different platforms and minimizes the vulnerability of your network.
03. Easier implementation: Multipass on Shopify only requires a straightforward implementation process. Compared to complicated and laborious proxy-based systems, a Multipass login is significantly simpler to integrate.
04. Boost in sales: By reducing shopping friction for customers, Multipass streamlines the path to purchase from your original website to your Shopify store. This makes it easier for customers to shop and it could lead to higher sales conversions for store owners.
05. Flexibility: As Shopify is mainly a website builder for ecommerce stores, more demanding features for content creation may be found on other systems such as WordPress. As such, store owners can use Multipass to leverage other platforms for their more demanding content marketing needs while directing traffic back to the Shopify store.
Requirements For Shopify Multipass
Source: Shopify
As may be inferred from the intricacies of multi-platform management and its slightly higher degree of complexity, Shopify Multipass was created mainly for large businesses and enterprises within the Shopify platform or those that are using two or more websites for their operations.
As such, for Shopify store owners to gain access to Multipass, it is required they are using a Shopify Plus plan.
Shopify Multipass Identifiers
The most common question of Shopify users related to Multipass is in regards to Multipass Identifiers. Some confuse it with the secret from the store.
But according to a Shopify Staff named Liam,
“The multipass_identifier is a unique identifier for each user that is used by Multipass to identify the customer. The multipass_identifier is not the secret from the store, it is a unique value for each customer, and it should be the same on both your website and Shopify. This can be any string, but it must be unique for each user. It's usually something like a user ID from your main site's user system.”
The Multipass identifier is like the backbone of the entire Multipass system because this is what identifies your customers to be accepted by the SSO. Without matching identifiers, there will be an invalid multipass request that won’t allow SSO.
Here is Liam’s full explanation of Multipass identifiers:
Source: Shopify Community
How To Use Shopify Multipass
Here is the step-by-step implementation of Multipass according to its official Shopify documentation:
*This is only applicable to Shopify Plus plan users.
Step 1: Enable Multipass
From your Shopify admin, go to Settings > Customer accounts.
In the Multipass section, select Turn on to enable Multipass
After enabling Multipass, a “secret” is shared with you. You need this secret to generate tokens to log your customers into your Shopify store.
Make sure not to share this secret to anyone to reduce security risks.
Step 2: Encode your customer information using JSON
The customer information is represented as a hash which must contain at least the email address of the customer and a current timestamp (in ISO8601 encoding). You can also include the customer's first name, last name or several shipping addresses. Optionally, you can include an IP address of the customer's current browser session, which makes the token valid only for requests originating from this IP address.
Step 3: Encrypt the JSON data using AES
To generate a valid multipass login token, you need the secret given to you in your Shopify admin. The secret is used to derive two cryptographic keys — one for encryption and one for signing. This key derivation is done through the use of the SHA-256 hash function (the first 128 bit are used as encryption key and the last 128 bit are used as signature key).
The encryption provides confidentiality. It makes sure that no one can read the customer data. As encryption cipher, we use the AES algorithm (128 bit key length, CBC mode of operation, random initialization vector).
Step 4: Sign the encrypted data using HMAC
The signature (also called message authentication code) provides authenticity. It makes sure that the multipass token is authentic and hasn't been tampered with. We use the HMAC algorithm with a SHA-256 hash function and we sign the encrypted JSON data from step 3 (not the plaintext JSON data from step 2).
Step 5: Base64 encode the binary data
The multipass login token now consists of the 128-bit initialization vector, a variable length ciphertext, and a 256-bit signature (in this order). This data is encoded using base64 (URL-safe variant, RFC 4648).
Step 6: Redirect the customer to your Shopify store
Once you have the token, you should trigger a redirect to your Shopify store.
Redirect URL: /account/login/multipass/insert_token_here
When the redirect is successful (for example, the token is valid and not expired), the customer will be logged in to your Shopify store.
The multipass token is only valid for 15 minutes and each token can only be used once. For those reasons, you shouldn't generate tokens in advance for rendering them into your HTML sites. You should create a redirect URL which generates tokens on-the-fly when needed and then automatically redirects the browser.
Note: You can read the more detailed instructions on this page.
Shopify Multipass Without Plus Subscription
We now know that Shopify Multipass is a great solution for store owners who need a login solution for their customers across multiple platforms.
Although the Multipass system itself is free, unlocking it can be costly as it is only available for Shopify Plus plan users.
One user named Marc_occa said:
Source: Shopify Community
Another user named Aftpromisys also said:
Source: Shopify Community
Truth be told, not all merchants who use separate websites for their main content and online stores can afford the hefty price tag of Shopify Plus.
If you’re one of those merchants, you might ask, “How can I use Multipass without subscribing to Shopify Plus?”
Well, you can’t.
But the good news is that you can use an SSO app just like Multipass. The app that’s on top of our list is MiniOrange SSO.
MiniOrange SSO is a login solution that lets Shopify merchants, regardless of the plan that they are subscribed to, implement a Multipass-like function across several platforms that they own.
Source: Shopify App Store
Starting at just $89 per month, MiniOrange is a practical solution for a safe and seamless customer login. And compared to the hefty price tag on Shopify Plus that starts at $2000 per month, MiniOrange is very affordable.
Alternative To Multipass For Seamless Authentication From Other Website
Some Shopify users are more tech-savvy than others, especially Shopify Partners who are well-acquainted with the coding languages used in Shopify.
Relative to the price of a Shopify Plus subscription, MiniOrange is more affordable.
However, $89 per month can still be a huge amount for some merchants. That’s why those who are keen on finding a free Multipass-like solution were able to discover some workarounds for it.
We scoured the Shopify community to see the most feasible strategy and we found this solution from a user named Edweis:
Source: Shopify Community
Based on what he said, the solution worked. However, it was a “heavy workaround” that is not very stable. Thus, we suggest that you take his advice with lots of caution as it could render your entire website unstable especially if you are not very sure about the possible effects of the code that you are going to embed.
The Takeaway
The implementation of Multipass can be complicated to some. Practically speaking, merchants who only own one Shopify store would have no use for such a function.
That’s why Shopify has made it only available to merchants who are using the Plus plan as it is assumed that these merchants have larger online operations and the capabilities to hire developers to integrate and monitor this system throughout their ecommerce network.
On the other hand, online entrepreneurs who own multiple brands could still implement SSO functionalities across their platforms using a third-party app like MiniOrange SSO.
While it is possible to use the nifty solution mentioned by the quoted Shopify Partner, we highly advise you to avoid doing it unless you have a developer by your side to rectify the possible consequences.
To Conclude This Article…
As a Shopify store owner, the ultimate goal is to grow your brand. But the only way that you can do that is to provide a delightful customer journey.
This is why Shopify Multipass was introduced. It reduces the friction on the customers’ shopping experience, thereby reducing bounce rates. This, in turn, increases the time spent by each user on your website (also called sessions). More online sessions could lead to more sales.
Finally, in terms of providing a delightful customer experience, you should also consider other aspects of your website such as design, apps, web copy, and more.
One app that we can recommend is PageFly. Our platform offers a drag-and-drop solution similar to Shopify while offering great functionalities for expert web designers to execute whatever design they have in mind. Here’s what our users have to say about PageFly.
You might be interested: Shopify Conversion Rate Optimization: [2024] Beginner’s Guide
