Get Started with the B2C Commerce API
To start using the API immediately with our SDK, go to the API and SDK Demo.
The B2C Commerce API is a collection of RESTful APIs for interacting with B2C Commerce instances. It goes by a few different names: Salesforce Commerce API, the acronym SCAPI, or just Commerce API.
The Commerce API enables developers to build a wide range of applications: from full storefronts to custom merchant tools to augment Business Manager. For all B2C Commerce customers, the API is available at no extra cost.
The Commerce API is broken into two main groups of APIs: Shopper APIs and Admin APIs. And within each group, they are divided into API families and into smaller groups focused on related functionality.
Let’s compare the two API groups side by side:
|Shopper APIs||Admin APIs|
|Used by shoppers or trusted systems acting on their behalf||Used by administrators or other privileged users|
|Access secured by the Shopper Login and API Access Service (SLAS)||Access secured by Account Manager|
|Supports anonymous users and multiple authentication methods||Authentication is handled exclusively by Account Manager|
|Read only (exceptions: Shopper Baskets and Shopper Orders)||Read and write|
|Designed for high-scale usage||Designed for moderate usage|
|API names start with "Shopper"||No naming convention|
|Includes: Shopper Baskets, Shopper Customers, Shopper Orders, Shopper Products and 7 more||Includes: Assignments, Catalogs, Customers, Inventory Availability, Orders, Products, and 8 more|
A key part of the Commerce API is the Shopper Login and API Access Service (SLAS). The SLAS authorization endpoints provide the tokens that secure access to the Shopper APIs. Tokens are provided using a variety of grant types defined by the OAuth 2.1 standard.
Besides securing access to the Shopper API, SLAS can also enable the following features in your application: third-party identify providers, single sign-on, and personalization.
To learn more about SLAS and how to use it in your application, see the SLAS guides.
Before SLAS was added to the Commerce API, shopper login was accomplished with the
/trusted-system/actions/login endpoints. These endpoints are now deprecated, and we plan to remove them in mid-2023. They are not available to new customers, and we discourage existing customers from using them. Instead, we strongly recommend that you use SLAS because it meets a higher standard for security and availability.
We also offer an isomorphic version of the SDK that can be run in either a browser or server environment.
For developers that want to use the Commerce API in a React app and get a head start on development, we offer the Progressive Web App Kit (PWA Kit) framework. You can deploy PWA Kit applications to Salesforce’s public-cloud infrastructure with a companion product called the Managed Runtime.
To learn more about PWA Kit and Managed Runtime, see the product documentation.
The Commerce API is separate from the Open Commerce API (OCAPI). Although you can accomplish many of the same tasks with either API, there is not complete feature parity between them.
With the 22.3 release of Commerce Cloud, OCAPI hooks are now enabled for the Commerce API. You can customize Shopper API resources that perform a modification on the server-side, such as the Customer and Basket resources. These resources provide hooks that enable you to augment server-side logic with your own eCom-based script code.
For more information, see Extensibility via Hooks.
You can use correlation IDs to match a particular request to a particular response, making it easier to troubleshoot unexpected issues, such as internal server errors.
correlation-id header is provided in a request to a SCAPI endpoint, the response contains an
x-correlation-id header that contains the value of
correlation-id. The API also generates its own correlation ID for each response.
To learn more about correlating API requests and responses, see About the B2C Commerce API in the Reference section.
To use SCAPI with staging environments set to use vanity domains, you must set up eCDN for Staging.
To ensure availability and protect you from denial of service attacks, requests to the Commerce API are rate limited. For details on how each family of APIs is limited, see Rate Limits.
To improve performance, Shopper API family requests are routed to ECOM servers using the token's Unique Shopper ID (USID). To avoid overloading a single server, don't use the same USID to make requests on behalf of many guest shoppers.
To try out the API with a demo sandbox and sample data, go to the API and SDK Demo.
To explore the full capabilities of each set of API endpoints, see the specifications in the Reference section.