Request a reset password token
curl "https://{shortCode}.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/{organizationId}/oauth2/password/reset" \
-X POST \
-H "content-type: application/x-www-form-urlencoded"
A region-specific merchant identifier.
0dnz6ope
User ID for logging in. This is the id that is used to log into SFCC.
Notification mode for sending the passwordless token to the user. Using callback, SLAS will make a POST request to the given callback_uri. Using sms requires Marketing Cloud to be configured for SLAS and an SMS password action template to also be configured.
- callback
- sms
callback
The channel (B2C Commerce site) that the user is associated with.
RefArch
The locale of the template.
en-us
The public client ID. Requires setting grant_type to passwordless_login_pkce.
When using the hint query parameter either a public or private client ID can be used.
6b200ebd-7843-4073-aef9-792482c9e1de
PKCE code challenge. Created by the client.
The code_challenge is created by SHA256 hashing the code_verifier and Base64 encoding the resulting hash.
The code_verifier should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
Requires setting grant_type to passwordless_login_pkce.
Nx_Vf0-0W6SpyRVBVTbl8VSu2OE4yD2fZNExW6N3V_Q
The callback URI. Required when the mode is callback. The callback_uri property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI must be a POST endpoint because the token will be included in the body.
Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
The name of the 3rd party identity provider for the user ID
okta
Adding a hint query parameter with a value of cross_device will remove the need to have the code_challenge for the password reset request. If the hint query parameter is used, it must also be used in the password reset request.
cross_device
Success
The 1 minute maximum number of requests permitted per hour.
The 1 minute number of requests remaining in the current rate limit window.
The 1 minute time at which the current rate limit window resets in UTC epoch seconds.
The 5 minute maximum number of requests permitted per hour.
The 5 minute number of requests remaining in the current rate limit window.
The 5 minute time at which the current rate limit window resets in UTC epoch seconds.