B2C Commerce API Release Notes

Use B2C Commerce API (also known as Salesforce Commerce API or SCAPI) to build headless commerce experiences.

  • For the general B2C Commerce release notes, go to Salesforce Help.
  • To use the SDK to make your first call quickly, see the Quick Start.
  • For details about auth, see Authorization.
  • To learn about using B2C Commerce API, see the Guides.
  • To learn about using correlation IDs, see Identifying Requests and Responses.
  • To browse the API endpoints, use the left navigation. B2C Commerce API is broken into two main groups: Shopper APIs and Admin APIs. All Shopper API groups start with Shopper. For details about the differences, see Get Started.
  • Note: All secrets and tokens are fictional and provided as placeholders only.

Shopper Login (SLAS)

  • Bug fixes:
    • Admin UI, client create claims fix
    • SESB fix for OCAPI calls
  • Features:
    • Support for Active Directory Federated Service IDP
    • security library updates
  • Trust notification

All B2C Commerce APIs

All B2C Commerce APIs

The Shopper Context API is now generally available!

All B2C Commerce APIs

  • Rate limit update to the rules endpoint in the Catalogs API.
  • Maintenance and stability updates for Products, Catalogs, and Shopper Products APIs. Trust notification.

All B2C Commerce APIs

Shopper Login (SLAS)

All B2C Commerce APIs

  • Security updates for SCAPI platform environment.
  • Maintenance and stability updates for SCAPI platform environment.
  • Update TrustedAgentOnBehalf support for Shopper Token policy.
  • Trust notification.

Shopper Login (SLAS)

  • Support for Forgerock IDP.
  • Trusted Agent On Behalf (TAOB) now supports Private ClientID flow, and TAOB JWT token expiry changed from 30 to 15 minutes for PCI compliance.
  • /jwks endpoint now returns 3 key IDs (past, current, and future KeyID).
  • Reduced the Passwordless OTP - token length from 20 to 8 characters.
  • Enhanced BOT mitigation strategy within SLAS.
  • Fixed inconsistencies related to failed tokens.
  • Session Bridge: Improved error messaging & guest support.
  • SLAS no longer calls ecom, when a shopper account is locked.
  • User cache refinements & Fixed cache inconsistencies after tenant key rotation.
  • Addressed login ID inconsistencies for passwordless login.
  • Fixed AppleIDP issue related to middle name.
  • Security library updates.
  • Trust notification.

Shopper Customers

  • Rate limit increase for GET /customers/*(Shopper-Customers), see Rate Limits.

All B2C Commerce APIs

  • Security update for SCAPI platform environment.
  • Maintenance and stability updates for SCAPI platform environment.

Shopper Customers

  • Rate limit increase for GET /products-lists/{id}(Shopper-Customers), see Rate Limits.

All B2C Commerce APIs

  • Maintenance, stability, and capacity updates for SCAPI platform environment.

Orders

All B2C Commerce APIs

  • Rate limit updates: API families have either a 5s tier or a 60s tier, see Rate Limits.

Shopper Products

  • Response compression has been introduced.
  • The expand query parameter has been added for getProducts.
  • Maintenance and stability updates for SCAPI platform environment.

All B2C Commerce APIs

  • Maintenance and stability updates for SCAPI platform environment.

All B2C Commerce APIs

  • Added support for correlation-id and x-correlation-id headers.

The scheduled deactivation of /customers/actions/login, /trusted-system/actions/login, and other related endpoints has been extended from mid-2022 to mid-2023 for existing customers. These endpoints are still not available to new customers, and we still discourage existing customers from using them. Instead, we strongly recommend that you use the Shopper Login and API Access Service (SLAS) because it meets a higher standard for security and availability.

All B2C Commerce APIs

  • Increased performance and response times through caching on the edge layer.
  • Resources affected: /product, /category, and /product_search.
  • Updates to the personalization handling ensure that personalized content is cached correctly.
  • No action is required by developers to take advantage of this update.

All B2C Commerce APIs

  • Update common libraries for data types, security schemes, and examples to latest versions.

Shopper Context

  • Remove outdated example requests for creating and updating shopper context.

Shopper Login (SLAS)

  • Replace SlasJWT-BearerSecurityScheme.BearerToken security scheme with CommerceCloudStandards.ShopperToken.