General Guidance

This section contains guidance for functionality that applies across multiple B2C Commerce APIs (SCAPI). Use it as a starting point to find the cross-cutting topics most relevant to your implementation.

• Authorization Overview — How SCAPI client permissions work.
• Authorization for Shopper APIs — Set up SLAS clients for storefront access.
• Authorization for Admin APIs — Set up Account Manager clients for backend access.
• Authorization Scopes Catalog — Complete list of available scopes.
• SLAS Overview — Grant types, token types, and advanced SLAS topics.

• Customization with Hooks — Alter and extend Shopper API behavior using the Script API.
• Hook Method Details — Available hooks with method signatures.
• Custom APIs — Build custom REST endpoints under the SCAPI framework.

• Server-Side Web-Tier Caching — Which APIs are cached, TTLs, and personalization settings.
• Shopper API Performance and Best Practices — Optimize response times for hooks, Custom APIs, and catalog size.

• Shopper Context — Set context information to retrieve personalized promotions, payment methods, and shipping methods.
• Shopper Context Best Practices — Guidelines for using Shopper Context effectively.

• HTTP Status Codes and Errors — Common error messages, error response format, and best practices.
• Timeouts and Limits — Default timeout values and request/response size constraints.
• Load Shedding and Rate Limiting — Rate limits per API family.
• Troubleshoot Request Timeouts — Diagnose and resolve timeout issues.
• View SCAPI Logs and Track Requests — Use correlation IDs and Log Center.

• Build Baskets and Place Orders — End-to-end checkout flow with code examples.
• Hybrid Storefront Best Practices for Working with Baskets — Best practices for hybrid SFRA/headless deployments.
• Coupons, Gift Certificates, and Bonus Products — Promotional features in basket flows.

• Base URL and Request Formation — How to construct well-formed API requests.
• Property Selection — Select specific attributes of the response to return.
• URL Encoding of Special Characters — Double-encode special characters in resource identifiers.
• Custom Properties — Read and write custom c_ properties on business objects.

• Security — Authentication, authorization, and the shared responsibility model.
• CORS in SCAPI — Configure cross-origin resource sharing for browser-based access.