Who this is for
Developers who have implemented Embeddable Checkout and want shoppers to check out with Bolt without logging into the store separately.Prerequisites
- Embeddable Checkout implemented on your storefront
- OAuth flow configured with
openidscope
How it works
- Shopper enters email on your storefront.
- Bolt identifies whether a Bolt Account exists and prompts OTP login.
- After authorization, Bolt returns an ID token via OAuth.
- Your backend validates the email from the ID token against store accounts and logs the shopper in.
Implementation overview
| Step | Task |
|---|---|
| 1 | Exchange authorization code for ID token via OAuth token endpoint with scope including openid |
| 2 | Fetch Bolt’s RSA public key from /.well-known/openid-configuration |
| 3 | Parse the ID token to get the Bolt Account email |
| 4 | Match email to a store account and trigger store login |
When you set up Bolt Accounts, require shoppers to input their email when logging into your store account.
Related
- Embeddable Checkout
- SSO Commerce: full single sign-on vs email linking
- Authentication
- OpenID Connect