Authorization Scopes Catalog

Scopes control which B2C Commerce endpoints a token can access. They provide use case specific permissions which cover multiple endpoints.

Scopes are formatted as sfcc.{{family}}[.rw]. The optional .rw suffix indicates read and write permissions.

For usage information, see Authorization for Shopper APIs and Authorization for Admin APIs.

To use scopes with Custom APIs, see Custom API Authentication and Authorization.

ScopeAPI FamilyAPI NamePurpose
sfcc.catalogsProductCatalogsRead catalog information.
sfcc.catalogs.rwProductCatalogsUpdate, delete, and create catalogs.
sfcc.cdn-zonesCDN ZonesCDN ZonesRead information related to CDN Zones.
sfcc.cdn-zones.rwCDN ZonesCDN ZonesCreate, read, update, and delete information related to CDN Zones.
sfcc.customerlistsCustomerCustomersRead customer list associated with a site.
sfcc.customerlists.rwCustomerCustomersCreate, read, update, and delete customer lists associated with a site.
sfcc.gift-certificatesPricingGift CertificatesView gift certificates.
sfcc.gift-certificates.rwPricingGift CertificatesCreate, update, or delete gift certificates.
sfcc.inventory.availabilityInventoryInventory Availability
  • Getting Availability.
  • Account Manager Authentication.
sfcc.inventory.availability.rwInventoryInventory Availabilit
  • Updating Availability.
  • Account Manager Authentication.
sfcc.inventory.impex-graphsInventoryInventory Impex
  • Location Graph Exports.
  • Account Manager Authentication.
sfcc.inventory.impex-inventoryInventoryInventory Impex
  • Inventory Exports.
  • Account Manager Authentication.
sfcc.inventory.impex-inventory.rwInventoryInventory Impex
  • Inventory Imports.
  • Account Manager Authentication.
sfcc.inventory.reservationsInventoryInventory Reservation
  • Getting Reservation Information.
  • Account Manager Authentication.
sfcc.inventory.reservations.rwInventoryInventory Reservation
  • Updating Reservations.
  • Account Manager Authentication.
sfcc.ordersCheckoutOrdersList and view orders from a management perspective.
sfcc.orders.rwCheckoutOrdersUpdate an existing order, for example, with a status update.
sfcc.preferencesConfigurationPreferencesRetrieve site and environment-specific settings.
sfcc.cors-preferences.rwConfigurationCORSManaged Cross-Origin Resource Sharing (CORS) preferences.
sfcc.productsProductProductsRead products assigned to a catalog.
sfcc.products.rwProductProductsCreate, read, update, and delete products from a catalog.
sfcc.promotionsPricingPromotionsView assignments.
sfcc.promotionsPricingPromotionsView campaigns.
sfcc.promotionsPricingPromotionsView coupons.
sfcc.promotionsPricingPromotionsView promotions.
sfcc.promotions.rwPricingPromotionsCreate, update, or delete assignments.
sfcc.promotions.rwPricingPromotionsCreate, update, or delete campaigns.
sfcc.promotions.rwPricingPromotionsCreate, update, or delete coupons.
sfcc.promotions.rwPricingPromotionsCreate, update, or delete promotions.
sfcc.pwdless_loginShopperShopper LoginAllow users with an eCom profile to request a token by email that can be used to log in without a password even when their identity provider (Salesforce) is unavailable.
sfcc.session_bridgeShopperShopper LoginAllow session bridging.
sfcc.shopper-baskets-ordersCheckoutShopper BasketsView only baskets and orders from an end-user perspective (shopper).
sfcc.shopper-baskets-orders.rwCheckoutShopper BasketsAllow the client app to update an order, with additional information such as shipping or tax information.
sfcc.shopper-categoriesProductShopper ProductsRead categories to be displayed on a storefront for shoppers.
sfcc.shopper-context.rwShopperShopper ContextManager Shopper Context.
sfcc.shopper-custom-objects.{object-type}Custom ObjectShopper Custom ObjectsView custom object information. Access can be restricted at the {object-type} level. This extends the standard objects provided by B2C Commerce.
sfcc.shopper-customers.loginCustomerShopper CustomersLog in a shopper.
sfcc.shopper-customers.registerCustomerShopper CustomersRegister a shopper.
sfcc.shopper-experienceExperienceShopper ExperienceRead pages created in Page Designer.
sfcc.shopper-gift-certificatesPricingShopper Gift CertificatesView gift certificates from a shopper perspective.
sfcc.shopper-myaccountCustomerShopper CustomersRead all data in a shopper account.
sfcc.shopper-myaccount.addressesCustomerShopper CustomersRead shopper addresses.
sfcc.shopper-myaccount.addresses.rwCustomerShopper CustomersCreate, read, update, and delete addresses in a shopper account.
sfcc.shopper-myaccount.basketsCustomerShopper CustomersRead a shopper’s baskets.
sfcc.shopper-myaccount.ordersCustomerShopper CustomersRead a shopper’s orders.
sfcc.shopper-myaccount.paymentinstrumentsCustomerShopper CustomersRead a shopper’s payment instruments.
sfcc.shopper-myaccount.paymentinstruments.rwCustomerShopper CustomersCreate, read, update, and delete payment instruments in a shopper account.
sfcc.shopper-myaccount.productlistsCustomerShopper CustomersRead wishlists associated with a shopper account.
sfcc.shopper-myaccount.productlists.rwCustomerShopper CustomersCreate, read, update, and delete wishlists associated with a shopper account.
sfcc.shopper-myaccount.rwCustomerShopper CustomersCreate, read, update, and delete all data in a shopper account.
sfcc.shopper-product-searchSearchShopper SearchEnables search for products and product suggestions.
sfcc.shopper-productlistsCustomerShopper CustomersRead public product lists or wishlists.
sfcc.shopper-productsProductShopper ProductsRead products merchandized and available to be sold on a particular site.
sfcc.shopper-promotionsPricingShopper PromotionsView promotions from a shopper perspective.
sfcc.shopper-seoSiteShopper SEOView SEO-related information.
sfcc.shopper-storesStoreShopper StoresEnables you to search for, and obtain details on stores.
sfcc.source-codesPricingSource Code GroupsView source codes.
sfcc.source-codes.rwPricingSource Code GroupsCreate, update, or delete source codes.
sfcc.ta_ext_on_behalf_ofShopperShopper LoginCall trusted agent endpoints.
sfcc.ts_ext_on_behalf_ofShopperShopper LoginCall trusted system endpoints.

Here's an example set of scopes required for a shopping application (like a PWA Kit storefront):