Shopify

How to limit access to Shopify Hydrogen content for B2B vs B2C customers?

19 views 0

Limiting Shopify Hydrogen Content for B2B vs B2C

With the Shopify Single Sign-On (SSO) app, you can securely manage access to Hydrogen storefront content for B2B (Business-to-Business) and B2C (Business-to-Consumer) customers based on their Identity Provider (IdP) attributes.

1. Login via Shopify SSO
The user lands on the Hydrogen storefront. By clicking on the login button, they start the SSO authentication flow with the connected Identity Provider (IdP).

2. Authentication with Identity Provider

  • The user is redirected to the IdP login page.
  • The user authenticates, which supports password, passwordless, and MFA options.
  • The IdP sends a JWT/SAML response that contains user attributes such as:
    • role = B2B or B2C
    • companyName
    • email
    • other profile details

You can categorize customers as B2B or B2C by using tags assigned to their profiles.

3. Attribute Mapping in Shopify SSO App

  • The Shopify SSO app’s Attribute Mapping feature is used to:
    • Map roles from IdP to Shopify customer tags (B2B or B2C)
    • Optionally map company names to Shopify customer metafields.
  • On the first login or subsequent logins, Shopify SSO automatically updates the customer profile in Shopify Admin with the correct tags.

4. Hydrogen Storefront Access Control

  • The Hydrogen storefront checks customer tags after login using the Shopify Storefront API.
  • Conditional rendering in Hydrogen:
    • If the tag is B2B, show wholesale pricing, bulk order options, and B2B-only products.
    • If the tag is B2C, show retail pricing and consumer product collections.

5. Security & Session Handling

  • The SSO session is maintained through Shopify session cookies.
  • Optionally use short-lived JWT tokens from IdP for API calls to Hydrogen to improve security.
  • When the token expires, refresh it through the Shopify SSO session without logging out the user.

6. Benefits of SSO-Based Control

  • Centralized role management in IdP (no manual tag updates in Shopify).
  • The Shopify SSO app enables automatic, real-time control over B2B and B2C content visibility, provides secure MFA-enabled logins for B2B customers, and ensures a seamless access experience for both customer types without requiring separate credentials.

By mapping IdP attributes to Shopify customer tags using the Shopify SSO app, and using tag-based conditional rendering in Hydrogen, you can create a secure, scalable, role-based access control system for B2B and B2C customers. This setup does not depend on manual tagging or third-party apps.

For further assistance, please feel free to contact our support team.

Was this helpful?


Hello there!

Need Help? We are right here!

support