A new trajectory: Trineo has been acquired by Traction on Demand. Learn More.

AWS Lambdas & Serverless with Shopify

John Masson September 27, 2018


Thanks to Timo Bleeker for his work on this project and for contributing to this article.

Unless you want to offer a highly specific and unusual ecommerce experience, Shopify is a good choice for supporting a digital storefront. It’s ubiquitous, it’s fast, and people understand the shopping cart flow. As a seller, with Shopify you just focus on loading in your products. The billing and shopping cart functionality are already set to go.

Recently, Trineo took on a project in which we integrated Shopify with our client’s existing systems and SSO functionality using the AWS Serverless Framework. Here is what we learned, in case you encounter a similar challenge.

Choosing the AWS Serverless Framework

Though our teams are experts at building Rails apps, we used the AWS Serverless Framework to spin up an AWS gateway and AWS lambdas to connect Shopify to the SSO system.

Why? Aside from our client’s desire to use it, Serverless lent itself well to the behavior of the ecommerce application. During sales promotions, the store would be handling load spikes rather than a sustained load of data activity. Therefore, small individual functions could be more effective than a full-blown Rails API. The system could be more cost-efficient with serverless functions that only spin up when needed.

Another benefit to Serverless is its modular architecture. Each Lambda is separate from others, receives information, and does a single task. By nature, each bit of architecture can be adjusted and improved without impacting other components.

Adding a digital store that connects to SSO

Our client wanted to add an online store to their service offerings. They considered building a customized ecommerce platform, but then quickly realized they could get to market a lot faster with Shopify.

Their key requirements:

  • Connect the store with the Single Sign-On system already in place
  • Re-use customer profile information from existing internal systems
  • Make those internal systems aware of any store activity

A good customer experience was the number one priority, so we needed to make it as easy as possible for people to sign in, purchase items, and receive relevant communication related to their order and to other purchasing opportunities. We had to handle three user scenarios:

  1. The customer is new to Shopify
  2. The customer is already present in Shopify but not in the client’s existing systems
  3. The customer is already present in Shopify and is also in the client’s existing systems

Fortunately, Shopify already had a solution to handle these scenarios: Multipass.

Shopify Multipass

Multipass is Shopify’s method (available for Shopify Plus merchants) for creating or signing in customers who already have a username, password, and profile from an associated system. (You don’t want existing users to sign up again and make a new account.) With Multipass, people who log in are seamlessly sent to the Shopify-powered store and logged in with their existing information. If they are new to the Shopify side, then a new account is created. We use a multipass_identifier to connect each customer to those systems.

Here’s how it works:

1. The customer logs into the Shopify site and hits our "proxy" server. This server (which is just a Lambda) sits between Shopify and the Identity Provider (IDP) and accepts the login request from Shopify.

2. The customer is then sent to a login page on the IDP side. Here one of two things can happen:

  • If they’re a new customer, they enter their name, number and email
  • If they’re a returning customer, their login and identifying details are retrieved from the SSO system

3. The customer submits the form, and is returned to the proxy which took the data in the format that IDP provided it.

4. The structure of the data is then converted into a Shopify-compliant structure and encrypted and encoded with the help of the Multipassify npm package.

5. We create an identifier which is sent through to Shopify

  • If the user is new to Shopify, we generate a new multipass_identifier, create a new customer in Shopify with this identifier, and then log them into this new account.

  • If the user is already present in Shopify but did not have a multipass identifier, we create an identifier and first update the customer in Shopify, before we continue to log them in.

  • If the user was already in Shopify and already had an identifier (a returning customer), we would just log them in.

6. Shopify creates a user on their side and the user is returned to the place where they started (thanks to a callback url that is sent in the first step).

A single view of the customer across all platforms

This work resulted in a great customer experience.

  • Data flows seamlessly between the company’s main CMS, Shopify, and the SSO platform
  • After a customer makes a purchase, we use Shopify Webhooks to update the SSO platform on what has happened
  • For new customers, we kick-off an account completion flow

The next time the customer logs in, they’ll see whatever they purchased alongside any other services that are available to them.

John Masson

John Masson