Get Started with the B2C Commerce API

To start using the API immediately, go to the Quick Start. To browse the endpoints, see the API Reference.

The B2C Commerce API is a collection of RESTful APIs for interacting with B2C Commerce instances. It goes by a few different names: Salesforce Commerce API, the acronym SCAPI, or just Commerce API.

The API enables developers to build a wide range of applications: from full storefronts to custom merchant tools to augment Business Manager. For all B2C Commerce customers, the API is available at no extra cost.

The API is broken into two main groups of APIs: Shopper APIs and Admin APIs. And within each group, they’re divided into API families and into smaller groups focused on related functionality.

Let’s compare the two API groups side by side:

Shopper APIsAdmin APIs
Used by shoppers or trusted systems acting on their behalfUsed by administrators or other privileged users
Access secured by the Shopper Login and API Access Service (SLAS)Access secured by Account Manager
Supports anonymous users and multiple authentication methodsAuthentication is handled exclusively by Account Manager
Read only (exceptions: Shopper Baskets and Shopper Orders)Read and write
Designed for high-scale usageDesigned for moderate usage
API names start with "Shopper"No naming convention
Includes: Shopper Baskets, Shopper Customers, Shopper Orders, Shopper Products and 7 moreIncludes: Assignments, Catalogs, Customers, Inventory Availability, Orders, Products, and 8 more

A key part of the B2C Commerce API is the Shopper Login and API Access Service (SLAS). The SLAS authorization endpoints provide the tokens that secure access to the Shopper APIs. Tokens are provided using a variety of grant types defined by the OAuth 2.1 standard.

Besides securing access to the Shopper API, SLAS can also enable the following features in your application: third-party identify providers, single sign-on, and personalization.

To learn more about SLAS and how to use it in your application, see the SLAS guides.

Before SLAS was added to the B2C Commerce API, shopper login was accomplished with the /customers/actions/login and /trusted-system/actions/login endpoints. These endpoints are now deprecated, and will be removed on March 31, 2023. They aren’t available to new customers, and we discourage existing customers from using them. Instead, we strongly recommend that you use SLAS because it meets a higher standard for security and availability.

We provide an open-source SDK that allows easy interaction with the B2C Commerce API using JavaScript or TypeScript. The SDK is built for the Node.js runtime, one of the most popular platforms for web development.

We also offer an isomorphic version of the SDK that can be run in either a browser or server environment.

For developers that want to use the B2C Commerce API in a React app and get a head start on development, we offer the Progressive Web App Kit (PWA Kit) framework. You can deploy PWA Kit applications to Salesforce’s public-cloud infrastructure with a companion product called the Managed Runtime.

To learn more about PWA Kit and Managed Runtime, see the product documentation.

The B2C Commerce API is separate from the Open Commerce API (OCAPI). Although you can accomplish many of the same tasks with either API, there isn’t complete feature parity between them.

With the 22.3 release of Commerce Cloud, OCAPI hooks are now enabled for the B2C Commerce API. You can customize Shopper API resources that perform a modification on the server-side, such as the Customer and Basket resources. These resources provide hooks that enable you to augment server-side logic with your own eCom-based script code.

For more information, see Extensibility via Hooks.

You can use correlation IDs to match a particular request to a particular response, making it easier to troubleshoot unexpected issues, such as internal server errors.

If a correlation-id header is provided in a request to a B2C Commerce API endpoint, the response contains an x-correlation-id header that contains the value of correlation-id. The API also generates its own correlation ID for each response.

To learn more about correlating API requests and responses, see Identifying Requests and Responses.

  • To use the B2C Commerce API with staging environments set to use vanity domains, you must set up eCDN for Staging.
  • To ensure availability and protect you from denial of service attacks, requests to the B2C Commerce API are rate limited. For details on how each family of APIs is limited, see Rate Limits.
  • To improve performance, Shopper API family requests are routed to ECOM servers using the token's Unique Shopper ID (USID). To avoid overloading a single server, don't use the same USID to make requests on behalf of many guest shoppers.
  • B2C Commerce API does not support cross origin requests. To use it with web browsers, use a reverse proxy.

Make sure that your code can handle nonbreaking changes to the API.

Each group of resources within the B2C Commerce API is regularly updated with bug fixes, security updates, performance optimizations, new features, and other improvements. These updates are typically announced in the release notes after the updates are made.

While we avoid making breaking changes without prior notification, some updates include nonbreaking changes, such as:

  • New endpoints
  • New methods added to existing endpoints
  • New body fields
    • New fields in responses
    • New optional request fields
    • New required request fields that have default values
  • Changes to the order of fields in the response body
  • New optional request and response headers
  • New optional query parameters
  • New required query parameters that have default values
  • Changes to error responses. We don’t recommend parsing error messages to perform business logic. Use HTTP response codes and error types instead.
  • New claims added to the SLAS JWT.
  • Reordering of existing claims in the SLAS JWT.
  • Fixes to HTTP response codes and error codes from incorrect code to correct code

You can subscribe to updates regarding the availability of B2C Commerce API services on Salesforce Status.

To try out the API with a demo sandbox and sample data, go to the API and SDK Demo.

When you’re ready to start setting up your own instances to use the API, see the Configuration Values and Authorization for Shopper APIs guides.

To explore the full capabilities of each set of API endpoints, see the specifications in the Reference section.