cancel
Showing results for 
Search instead for 
Did you mean: 

SAP Commerce Cloud: OIDC with external Identity Provider

bbegbi
Newcomer
0 Kudos

Hello,

Is it possible to integrate the Commerce with an external openid connect Identity Provider? The goal is to enable SSO with OIDC.

I can only find documentation about doing this with SAML or using OIDC with the Commerce Platform as Identity Provider.

What we need is the Commerce as client and doing login against an external authorization server, like Keycloak.

Thank you.

View Entire Topic
lukas-ninow
Discoverer

Yes, this is possible. 

You will find information on the required settings in the storefront here: https://help.sap.com/docs/SAP_COMMERCE_COMPOSABLE_STOREFRONT/eaef8c61b6d9477daf75bff9ac1b7eb4/dc307a...

 

As a good starting point for backend implementation, I recommend you check out the sapcxsinglesignon and sapcxenvconfig extensions here: https://github.com/sapcxtools/workspace/tree/develop/core-customize/hybris/bin/custom/sapcxtools

The general idea is to add an extra filter that runs before the Spring Security filter chain, checks for token validity and saves the token in the token store, so that the spring security filter chain will accept the user as authenticated.