Salesforce Commerce Cloud GitHub Repositories and Access

Salesforce Commerce Cloud maintains a secure GitHub environment to share code and artifacts with both Commerce Cloud customers and partners.

This is the primary place where code is shared for using B2C Commerce, and there are both public and private repositories available. See the Salesforce CommerceCloud Repository.

Public (open-source) repositories are available to anyone that browses GitHub, with or without a GitHub user account. Open-source projects such as PWA Kit, Commerce API SDK, and the SFCC-CI command-line tool are available as open-source.

Private repositories require a GitHub user login that has been authenticated with Commerce Cloud in order to access. These repositories contain code that is licensed, based on your Commerce Cloud license, and covered under your NDA — that is, they aren’t open-source. Examples of these are the Storefront Reference Architecture and all LINK cartridges.

If you click the link for SFRA and haven’t already logged into GitHub with a Commerce Cloud authenticated account, you receive a 404 error from GitHub as if the repository doesn’t exist at all.

Access to private repositories require associating your GitHub account with Commerce Cloud via authentication with Account Manager.

To authenticate your GitHub user account:

  1. If you don’t already have a GitHub user account, create one from the GitHub Sign Up page.

    This account doesn’t have to necessarily be related to any Commerce Cloud or Salesforce account you already have. It can be something different.

  2. Enable two-factor authentication (2FA) for your GitHub account.

    To maintain trust, Salesforce requires that anyone accessing the GitHub repositories has 2FA set up for their account. Follow the directions for Configuring Two-Factor Authentication on GitHub, and complete that process.

    This is separate from Commerce Cloud or Salesforce two-factor authentication. You can use whatever mechanism for 2FA you want to for your GitHub account.

  3. With a valid and logged in GitHub user account (with 2FA configured), associate that account with Commerce Cloud by going to theSalesforce Commerce Cloud SSO Signup page. This allows you to connect your GitHub user account to your Account Manager user account, and establish the SSO relationship.

With the SSO process complete, your GitHub account is allowed access to Salesforce Commerce Cloud private repositories. You’re asked to authenticate with your Account Manager credentials when you attempt to access private repositories.

In order to ensure there are enough GitHub licenses available for active users, Salesforce deactivates Salesforce Commerce Cloud repository access from GitHub users who have been inactive in the repositories for 90 days. This doesn’t affect your GitHub account in any manner beyond removing your access to the private Salesforce Commerce Cloud repositories temporarily.

Users who are removed as a result of this inactivity receive an automated email from Github, and can easily rejoin by authenticating again with their Account Manager credentials from the Salesforce Commerce Cloud SSO Signup page.