Understand Storefront SSO Limitations

The storefront single sign-on implementation has some limitations you should be aware of.

This section applies to Open Storefront Framework (OSF).

Storefront SSO does not provide single log-out (SLO). If a shopper signs out of Retail Digital Commerce or if the shopper’s session times out, the shopper may continue to be logged into the identity provider until the identity provider session times out. Similarly, if the shopper signs out or is timed out of the identity provider, the shopper may remain logged into Retail Digital Commerce until the Retail Digital Commerce session times out.

If a Retail Digital Commerce storefront uses SSO exclusively, customer service agents cannot reset shopper passwords in the Agent Console; shopper passwords can be reset only in the identity provider. If a Retail Digital Commerce storefront supports both SSO and standard logins, passwords of shoppers using standard logins can be reset in the Agent Console, but passwords of shoppers using SSO can be reset only in the identity provider.