Migrating to single sign-on
Shopify is moving to a single sign-on (SSO) system, so that store owners and staff members can use a single, unified email address and password to log in to all the stores and Shopify services they have access to. This means that you won't have to keep track of separate email addresses and passwords for each store and Shopify service that you use.
You can combine multiple user accounts that use the same email address. Each staff member needs to do this for their own accounts. They'll be prompted to do so the next time they log in:
You can then review all the stores and services that will be combined into one set of credentials, and create a password that you'll use to log in to those stores and services in the future. If you haven't already done so, you'll also have the opportunity to verify your email address and add two-step authentication as part of this process.
Combining your accounts affects only the way you and your staff log in to the Shopify admin. This will not change the way your staff members use PINs to log into Shopify POS, nor will it change how your customers log in to their accounts.
Before you start
- Check your accounts to ensure that you're using the same email address for each account. However, if you're using the same email address for accounts you don't want to combine, you should change your accounts to use different email addresses. A good way to double check this is by checking the list of stores in the store switcher. This is the same as the list of accounts that will be combined.
- If you're sharing your account with other staff members, then make sure they're aware of the changes. If combining them will grant access to accounts they should not be able to access, then consider using separate staff permissions.
- If you're using a password manager, then ensure that you have access to its settings so that you can update your password if necessary.
- If you have enabled two-step authentication, then make sure that you still have access to the phone number or authenticator application you used. Authenticating will be required as part of the combining process.
Changes can be made to staff in your Shopify admin at Settings > Account, if necessary.
Combining your accounts
- Log in to a Shopify store that shares the same email address as your other accounts.
After logging in, you're presented with a list of stores and services associated with that email address. Review the stores to ensure that you want to combine all accounts.
If you have an unverified email address, then you need to verify your email before combining accounts.
Click Combine accounts.
Enter your current password for that store.
If you have two-step authentication set up for some accounts associated with this email address, then you need to authorize these accounts before proceeding.
Create a new password. This email and password combination will be the one that you use to log into all stores using your combined account in the future.
Recommended: set up two-step authentication for your combined account. This is the best method to ensure that your account remains secure.
After these steps are complete, you'll use the email account with the new password you've chosen to log into your Shopify stores, as well as other services.
Fatima works at StoreCo, and has a staff account in five different Shopify stores: StoreCo1, StoreCo2, StoreCo3, StoreCo4, and StoreCo5. This means she has five different accounts:
Logging in to StoreCo3, Fatima sees the prompt to combine her accounts. After completing process and choosing a new password, she now has one account with a single email and password combination that she can use to access all five stores:
|StoreCo1, StoreCo2, StoreCo3, StoreCo4, StoreCo5firstname.lastname@example.org||c0mb1inedpassword|
Adding a new store to your existing account
When you create a new store using an email address that you've already combined, you can combine your login information for your new store with your already existing account.
If you want to use your existing login credentials to log into this store, then enter the password for your combined account. If you want to use a different login for your new store, then click Remind me later to log into your store without comining your accounts. After you've logged into your store, you can change your email address settings on the Settings > Account in your Shopify admin.
Missing email account before combining
If you haven't combined yet and notice that there's a store missing from the list of accounts, then you need to log into that particular store and change the email address to match the one being combined. You must also verify the email address.
Missing email account after combining - multiple accounts
If you've missed an email address that you've used multiple times, then don't complete the combination process using this email address. Instead, log in to that account and change it to the email address that you want to combine it with. You'll be prompted to merge with the new email address the next time you log in.
Missing email account after combining - single account
If you've missed combining an account and that email address isn't associated with any other stores, then the leftover email address is migrated to SSO automatically. There isn't currently a way to combine two SSO accounts, so you have two choices:
- You can continue to use the different email accounts. If you do so, then the email and password combinations to log in will remain different from the one that you're using in your combined account, and you'll continue to use a separate email and password combination to log into these accounts. The store will not appear in the store switcher.
- You can ask the administrator of the store to send you a staff invitation using the correct email address.
If you do so, then the email and password combinations to log in will continue to remain different from the one that you're using for the combined account.
- I only have one store. Does this affect me at all?
How do I know what accounts will be combined?
- Can I keep accounts from being combined?
- Do my stores, orders, products, or billing settings get combined?
- Will this change my staff's permissions?
- What happens if I do not combine my accounts?
- Can I skip this process?
- How will I log in after combining my accounts?
- I use a password manager, how will this affect me?
- Can I do this on behalf of my staff?
- Can I require my staff to use multi-factor authentication?
I only have one store. Does this affect me at all?
Yes, though no action will be required on your part. Accounts associated with only one store will be automatically upgraded to single sign-on accounts. This means that it can be used to access additional stores or services without the need to create new accounts, if you add them in the future.
How do I know what accounts will be combined?
The accounts for stores that appear in the store switcher will be combined. Additionally, you'll be able to combine any accounts using the same email address that you have for Shopify Academy, the Shopify community forums, or as a Shopify Partner.
Can I keep accounts from being combined?
Yes. To exclude an account, change the email address you use in the store you don’t want to combine. You're also able to skip accounts for which you're unable to complete two-step authentication.
Do my stores, orders, products, or billing settings get combined?
No. Combining your accounts makes changes to your account credentials only. This includes your username, password, and two-step authentication settings. Your stores, and all information within your Shopify admins, will remain separate and unchanged.
Will this change my staff's permissions?
No. The permissions that you've granted your staff members are still granted on a store-by-store basis, and will not give your users any additional permissions.
What happens if I do not combine my accounts?
Currently, nothing. You’ll still be able to log into your stores separately, with different email address and password combinations for each store. However, merging your accounts may be necessary to take advantage of new features in the future.
Can I skip this process?
Yes. You can skip combining your accounts for 48 hours. After that, you’ll be prompted to merge your accounts again the next time you sign in.
How will I log in after combining my accounts?
After you've combined your accounts, you'll use that email address and the password that you've chosen to log into all stores using that address. You'll also be able to use this address and password to log into other Shopify resources.
I use a password manager, how will this affect me?
As part of the combining process, you're prompted to choose a new password for your Shopify account. You'll need to make sure that this is updated in your password manager. In most cases, your password manager should prompt you to update your password. If the password manager that you use is managed by someone else, you may need to speak to the person responsible for the password manager to have this added.
Can I do this on behalf of my staff?
In most cases, no. Combining accounts requires a user password, so typically this isn't possible. The exception to this would be if you manage the user passwords and your staff uses a password manager to log in.
Can I require my staff to use multi-factor authentication?
No. Staff can't be forced to use two-step authentication.