I am using Magento as a headless CMS application and building my own frontend UI and backend application. The intention is to handle customer authentication, product listing and cart management through REST API endpoints provided on https://developer.adobe.com/commerce/webapi/rest/quick-reference/ on my own custom storefront, while redirecting customers to the Magento checkout page on browser for the checkout and payment flow. The UI for the entire process will be developed on my own (and interact with Magento through API), except for the checkout and payment flow which I wish to keep on the Magento site for compliance purposes.
However, I am facing issues with create a single login flow for customers since they would have to login once to retrieve the customer token through the /integration/customer/token endpoint, but are not automatically logged in when they are redirected to the Magento checkout page on the browser session since that is handled by the PHPSESSID (meaning they are required to log in twice).
I am looking for solutions (or customizations) to support a workflow where the customers only have to log in once.
Please kindly advise if
- Am I able to use set the PHPSESSID cookie from my own application after retrieving the customer token
- Are there customizations available on Magento to allow me to automatically log customers in once they are redirected to the website on the browser
- Are there any other possible flows that you recommend such that I can provide customer authentication on both my own platform and magento site through a single log in?
Would appreciate if you can point me to any resources as well. Thank you.
I have come up with some possible flows based on the links I have found:
Magento Customisation (Auto-login with maybe customer token?)
Magento 2 – Auto login with specific URL
Magento Storefront Login (Set cookie, redirect to platform, call platform API)
https://community.magento.com/t5/Magento-2-x-Programming/Custom-Login-from-external-website/m-p/81373
https://community.magento.com/t5/Magento-2-x-Programming/Conditional-redirect-after-login/m-p/66015