Log In Get Started
  1. Support
  2. Prodigy Cloud Platform
  3. Apps

SSO Authentication

The SSO Authentication app allows customers to access the store using SAML single sign-on through a supported identity provider.

Prodigy currently supports:

  • Okta
  • Microsoft Azure
  • Auth0

 

When a customer signs in through an identity provider for the first time, a Prodigy customer profile is created automatically. If an existing Prodigy account uses the same customer information, such as the same email address, the SSO login can be matched to that existing account.

In this article, you will learn about:

 

Enabling the SSO Authentication App

To get started, navigate to Apps from the left sidebar menu.

sso-apps-menu.png

Locate the SSO Authentication app and click Enable.

sso-app.png

From the app configuration page, click Enable in the upper-right corner.

sso-enable.png

The page will display the available identity providers.

Turn on the switch next to each provider you want to configure.

Screen Shot 2025-04-08 at 3.02.00 PM.png

Enabling a provider reveals the configuration fields and values required to connect it to Prodigy.

 

Okta Setup and Configuration

To use Okta for customer authentication, enable the Okta switch from the SSO Authentication app page.

Prodigy will display the following read-only values:

  • Audience URI (SP Entity ID)
  • Single sign-on URL (Assertion Consumer Service URL)

 

Use the Copy links to copy these values.

sso-octa-initial-settings.png

If another person or department manages your Okta account, send these values to the person responsible for configuring the application.

 

Creating the Okta App Integration

Log in to Okta and navigate to Applications.

Click Create App Integration.

Okta 1.png

Select SAML 2.0 as the sign-in method, then click Next.

Okta 2.png

Enter an app name and optionally upload a logo.

Click Next.

Okta 3.png

On the SAML Settings page:

  1. Paste the Prodigy Single sign-on URL into the corresponding field.
  2. Paste the Prodigy Audience URI into the corresponding field.
  3. Set Name ID format to EmailAddress.
  4. Click Finish.

 

Okta will display a Metadata URL.

Click the copy option below the URL.

Okta 5.png

Return to the Prodigy SSO Authentication app and paste the copied value into the IDP Metadata URL field.

Click Save Changes in the upper-right corner.

ssp-octa-metadata-url.png

 

Assigning Okta Users

Return to Okta and navigate to Applications → Assign Users to App.

Assign the people or groups who should be able to access the store.
 

Okta 6.png

Assigned users can then sign in through Okta. A Prodigy customer account will be created automatically the first time a new user signs in.

 

Microsoft Azure Setup and Configuration

To use Microsoft Azure for customer authentication, enable the Microsoft switch from the SSO Authentication app page.

Prodigy will display the following read-only values:

  • Identifier (Entity ID)
  • Reply URL (Assertion Consumer Service URL)

Use the Copy links to copy these values.

sso-microsoft-initial-settings.png

If another person or department manages your Microsoft account, send these values to the person responsible for configuring the application.

 

Creating the Microsoft Azure Application

Log in to the Azure portal.

Under Azure services, select Enterprise applications.

Azure 1.png

Click New application.

Azure 2.png

Click Create your own application.

Azure 3.png

Enter a name for the application.

Select: Integrate any other application you don't find in the gallery (Non-gallery)

Then click Create.

Azure 4.png

Select Set up single sign on.

Azure 5.png

Select SAML.

Azure 6.png

In the Basic SAML Configuration section, click Edit.

Azure 7.png

Click Add Identifier and paste the Identifier (Entity ID) copied from Prodigy.

Azure 8.png

Click Add reply URL and paste the Reply URL copied from Prodigy.

Click Save.

Azure 9.png

Azure will display an App Federation Metadata URL.

Click the copy icon next to the value.

Azure 10.png

Return to the Prodigy SSO Authentication app and paste the copied value into the App Federation Metadata URL field.

Click Save Changes in the upper-right corner.

sso-microsoft-metadata-url.png

 

Assigning Microsoft Users

Return to Microsoft Azure and navigate to Users and groups.

Assign the users or groups who should be able to access the store.

Azure 11.png

Assigned users can then sign in through Microsoft. A Prodigy customer account will be created automatically the first time a new user signs in.

 

Auth0 Setup and Configuration

To use Auth0 for customer authentication, enable the Auth0 switch from the SSO Authentication app page.

Prodigy will display a pre-populated Application Callback URL.

Use the Copy link to copy this value.

Screen Shot 2025-04-08 at 3.09.33 PM.png
If another person or department manages your Auth0 account, send this value to the person responsible for configuring the application.

 

Configuring the Auth0 Application

From Auth0, navigate to:

Dashboard → Applications → Applications

Select the application you want to use as a SAML2 Web Application.

Open the Addons tab.

In the SAML2 Web App section, enable the addon.

Open the Settings tab and enter the Application Callback URL copied from Prodigy.

Click Save.

auth0-saml-callback-url.png

Next, open the Usage tab.

Locate the Identity Provider Metadata URL, right-click its download link, and select Copy Link Address.
 

aut0-idp-metadata-url.png

Return to the Prodigy SSO Authentication app.

Paste the copied URL into the IDP Metadata URL field, then click Save Changes.

Screen Shot 2025-04-08 at 3.25.04 PM.png

 

Customizing the SSO Login Button Text

Each identity provider includes an option to customize the text customers see on its SSO login button or authentication prompt.

By default, the button uses wording based on the provider, such as:

  • Continue with Okta
  • Continue with Microsoft
  • Continue with Auth0

 

To change the text:

  1. Enable Customize the SSO login button text for the provider.
  2. Enter the desired wording in Custom SSO Login Button Text.
  3. Click Save Changes.

 

Each enabled identity provider can use different custom button text.

The customized wording will appear wherever customers are prompted to authenticate through that provider.

 

Disabling Manual Account Creation

After configuring one or more SSO identity providers, you can optionally disable manual account creation and email/password login.

Click Disable Manual Account Creation from the SSO Authentication app page.

Screen Shot 2024-10-25 at 9.01.05 AM.png

When manual account creation is disabled:

  • Customers cannot create accounts manually.
  • Customers cannot log in using an email address and password.
  • Customers must authenticate through one of the configured SSO identity providers.

 

Existing customers do not need to create a new account.

When an existing customer signs in through SSO, Prodigy uses information supplied by the identity provider, such as the customer's name and email address, to match the SSO login to the existing customer account.

This allows the customer to continue using the same Prodigy account while signing in through SSO instead of an email address and password.

Note: Make sure the required users or groups have been assigned within the identity provider before disabling manual login. Otherwise, those customers may be unable to access the store.

 

That's everything you need to know about configuring SSO Authentication.

 

 

Build WordPress stores with modern technology

Sign up to use the Prodigy platform, a powerful alternative to WooCommerce. Prodigy is free at ANY scale.

Create an Account