Security is essential when it comes to our online stores! Our software allows you to better control access to online stores, so unauthorized end consumers aren’t able to purchase merchandise.
Email Authentication allows you to control access to an online store by validating a consumer’s email address against a pre-approved email domain before they can access the store. Consumers with a valid email address will be sent a link granting them access to the store. The store link will expire after 3 hours.
Before using Email Authentication you must first enable the Storefront Experience premium feature package. Activate this package under Dealer Settings > Premium Features.
Note: Premium feature subscriptions apply account-wide. Only Owner and Accountant roles can access the Premium Features page. If you are the Owner or Accountant of your business and cannot access the Premium Features page, email email@example.com.
Once you’ve activated the Storefront Experience package, you will have access to the Authorized Email Domain(s) field on the General tab of your stores. You can add one or more approved email domains.
Email domains listed in this field will allow consumers with an email address that matches the domain to get access to the store. For example, by adding ordermygear.com to the Authorized Email Domain(s) field, a consumer using the email address firstname.lastname@example.org would be sent an email granting them access to the store.
Consumers who navigate to the store will now be prompted to enter their email address.
Consumers that are having an issue receiving the email can click “Not receiving an email?” for additional information, including the customer service email for the store.
Consumers can also click “Why am I seeing this page?” for more information about why they’re being asked to enter an email address.
Consumers that enter an email address that matches an email domain listed in the Authorized Email Domain(s) field will receive an email with a link to the store.
Consumers can use the link provided in the email to access the store for 3 hours, at which point the link will expire. To access the store again, a consumer will need to reauthenticate by entering their email address to receive a new unique link.
Note: Consumers that enter an email address that does not match a pre-approved email domain will not be able to access a store.
Frequently Asked Questions
Is there a limit to how many email domains can be used on a single store?
- No, there is no set limit for how many email domains can be used on a single store.
Can the same email domain be used across multiple stores?
- Yes, the same email domain can be used across multiple stores.
Can consumers that do not have an approved email domain access the store if the link is shared with them?
- Yes. Store links can be shared with consumers that do not have an approved email domain. However, the link will only be active for 3 hours. After 3 hours, the link will expire & the consumer will be prompted again to enter an email address to access the store.
How do I change the branding of the screen where consumers enter their email address?
- If you have the Advanced Branding premium feature subscription activated, the “send verification” button will inherit the primary color you set for the store. If you do not have Advanced Branding activated, the button is blue. The background color of the page cannot be edited.
What email address does the store link come from? How do we prevent the email from going to spam?
- The email containing the link to the store will come from email@example.com. OMG clients should recommend that their customers add this email address to their address book & check their spam folder if they are not receiving the email.
Are end consumers required to checkout with the same email address they used to sign into the store?
- No, once a consumer has gained access to the store, they can check out using a different email address.
What if a consumer does not have an email address from the approved domain(s)? can you add one-off email addresses?
- No, specific emails addresses cannot be added. Restrictions can only occur at the email domain level (e.g. ordermygear.com).
Can a consumer that previously had access to a store be able to access it if their email domain is removed from that store?
- No. Once an email domain has been removed, only consumers that enter an approved email address will be able to gain access. This holds true even if the link is still within the 3-hour “active” window.
What email address do consumers see if they click “Not receiving an email?” or after 3 failed attempts to access a store?
- Consumers will be shown the email address defined in the Customer Service section under Edit Store > General Tab.
How does this feature impact store preview and will I have to log into the app to be able to see what a store looks like?
- You will need to add your email domain to the list of authorized domains in order to view the store. You'll then go through the same process as end consumers - clicking the link, entering your email address, and receiving an email with access to the store. This allows you to see what the experience will be like.