I have an existing website that uses Bigcommerce and I have a large customer list. I want to be able to give all of my customers access to a secondary website using their same login/password that they use to log into my BigCommerce website. Is there a way for me to let them login to BigCommerce and my website can verify that that customer is who they say they are?
This would be very useful for my high value customers who want a custom portal that I cannot build into BigCommerce because I don't have access to the PHP code so I need my own server running custom code for them. I am imagining something like how Facebook login works with OAuth.
In the BC backend you have the ability to setup Customer Groups, I would recommend using them to your advantage. You can setup a Customer Group and a Category that only the customers in that group have access too. This way no one else will see the products in that group. However this can be a pain if you have a bunch of products since you can't specify pricing based off customer group. You have to have a separate product just for that customer. I know its not exactly the answer your looking for but it will work. hope this helps
I have found the answer to this!
It takes a bit of backend knowledge, but there's some cool things going on to get this to work.
Setup a web application at your customer url, however ensure the customer url is https://*.yourwebstore.com where your store url is https://www.yourwebstore.com (the https is necessary)
When a logged in BC user hits your website grab their cookies, specifically this one: SHOP_TOKEN now this cookie will ONLY get sent if you are HTTPS, so ensure you are HTTPS
Next take the cookie and spoof a web request to bigcommerce and in return read the cookies again! BC will send you a cookie with your customerId.
Use that customerID to look the customer up in the BC database to find their email and now you can log them into your system as well.
I did some further checking as well in my system for security reasons, but I won't go into that here, pm me if you need more info on other ways to super securely grab your BC user into your customer auth portal.
