SSO configuration

mendemende Member
in Help edited October 2012
In my current implementation i'd like to use SSO but prevent users from explicitly creating users on the foxy cart side of the process. e.g. if they don't login our side i'd like them to be treated as guest accounts. Is it possible to use SSO with only the guest account option enabled on checkout?
Tagged:
Comments
  • fc_adamfc_adam FoxyCart Team
    @mende,

    Interesting question! When you set the checkout to guest only, the password fields are still there - but they're hidden. So conceivably it should still work, but it may not be completely obvious that the user is logged in, and whether some server-side stuff will ignore passwords as it's set to guest only.

    Give it a try and see how it displays for you on the checkout. Another option would be to enable the ability to use accounts, but add some javascript to your checkout that if a user isn't logged in on page load to hide the ability to create or log-in to one.
  • That makes sense :)
    I'll give it a go.
  • fc_adamfc_adam FoxyCart Team
    @mende,

    We've discussed this some behind the scenes and the consensus is that set to guest only the server-side logic may not actually link transactions to user accounts like you'd expect. It's something you'll definitely want to test to make sure it happens as you expect, but the second approach I mentioned should work in terms of the server-side logic.
  • mendemende Member
    edited April 2013
    Hello again, Follow up on this issue, We've implemented SSO on our side and it's working brilliantly. It's been brought to our attention by clients that some users may be apprehensive about storing billing/creditcard data on your system, is there a way to use sso but prevent additional data (addresses etc) from being store by foxy?

    More Info:

    We want to require users to be logged in on our system to proceed to checkout. When on checkout we would like to give them the option to save the data they enter, but by default the data entered shouldn't be stored.
  • fc_adamfc_adam FoxyCart Team
    edited April 2013
    @mende,

    We currently don't provide any option to prevent the shipping data being automatically stored with the users account login. If you're not using a subscription, there is a checkbox to prevent the storing of the customers payment details - but by default the billing and shipping details will be securely stored against their customer account.

    Do your clients have any stats of numbers of customers who don't want their details stored with their login information? We'd certainly be interested to know any numbers they may have and their target audience if they do - we're currently working through a rebuild of the cart and checkout and so that could be something we consider for the rebuild.
  • mendemende Member
    No unfortunately it's just a feeling they have. We've emphasized that it's secure but they are want to make it an opt in style interface.
  • brettbrett FoxyCart Team
    So… one idea would be to use SSO like you are, which can require the user to be logged in on your end, but then _don't_ pass in the user ID to FoxyCart. So in effect, you'd just pass them along to the checkout and they could checkout as normal, selecting either "create an account" or "checkout as guest".

    The problem is that the "create an account" method doesn't make sense here. But if you ask _before_ sending them to the checkout, then you'll give them the opt in. If they opt out, you pass them along to checkout and default it to guest (and probably hide the "create an account" option entirely). If they opt in, you pass them along using the normal SSO method, so they're authenticated when they land on the checkout.

    The trick is in how you present that opt-in, because it'd have to happen _before_ you pass them to the checkout. Which isn't ideal, I know, but I don't realistically see us changing the way this functions anytime soon.
Sign In or Register to comment.