Spryker Core Back Office feature overview

A Spryker-based shop ships with a comprehensive, intuitive administration area comprised of numerous features that give you a strong hold over the customization of your store. Here you can tailor features to your specific needs, manage orders, products, customers, modify look & feel of your store by, for example, designing the eye-catching marketing campaigns and promotions, and much more.

The Spryker Back Office provides you with a variety of sections that are logically connected to each other.

With Spryker Back Office, you can:

• Manage orders placed by your customers as well as create orders for customers
• Create and manage customers
• Build and manage product categories
• Create and manage CMS blocks and pages
• Handle translations
• Manage products and all elements related to them (availability, labels, options, types, etc.)
• Customize search and filters for the online store
• Create and manage discounts
• Build and manage the main navigation of your online store
• Create new carrier companies and shipment methods as well as manage those
• Create admin users, add roles and user groups

Depending on the roles and teams in your project, you can limit the access of different Back Office users to specific Back Office areas.

Back Office provides both, B2B and B2C capabilities.

You can always define what exactly is going to be needed for your specific project.

Back Office authentication

To be able to use the Spryker Back Office, users have to authenticate to the Back Office. They can authenticate via:

• Regular Back Office user account
• Third-party sign-on (optional)

To authenticate as a regular Back Office user, you should have the Back Office user account. See Managing users to learn how you can create and manage Back Office user accounts.

You can also enable your users to sign in from a third-party service set up for your project. The third-party sign-on uses the OpenID protocol for authentication.

If a user chooses to log in via a third-party, the user is redirected to the OAuth provider’s sign-in page (for example, Microsoft Azure). If the user logs in to the third-party service successfully, the check is made if the user exists in the Spryker database. If the user exists in the database and is active, the user is logged in. If the user does not exist in the database, you can have one of the two different behaviors or strategies for your project:

Strategy 1: Upon the first login, create the Back Office admin user based on the third-party system’s user data.

If a user who does not exist in the Spryker database logs in for the first time, the following happens:

• Based on the third-party system’s user data such as first name, last name, and email, the Back Office user is created and visible on the Users page in the Back Office.
• The user is assigned to the default group.

With Strategy 1, the login process looks like this:

Strategy 2: Do not log in the user unless they exist in the Spryker database.

Before a user can log in to Back Office with a third-party service credentials, the user should be added and set to Active in the database. You can add the user either via the Back Office or via the ACL module.

With Strategy 2, the login process looks like this:

Current constraints

Currently, the feature has the following functional constraint:

Each of the Identity Managers is an ECO module that should be developed separately. After the module development, the Identity Manager’s roles and permissions should be mapped to the roles and permissions in Spryker. The mapping is always implemented at the project level.

Related Business User documents