Hybrid Auth Troubleshooting

Use this guide to diagnose common Hybrid Auth implementation issues.

  • Confirm Hybrid Auth is enabled in Business Manager for the active site.
  • Confirm storefront uses the expected SLAS client ID.
  • Validate SLAS client scope includes sfcc.session_bridge.
  • Confirm headless runtime forwards and accepts required cookies/headers.
  • Confirm route ownership does not cause auth loops between origins.
  • If session-bridge authentication fails with the error Cannot construct SLAS session-bridge URL: no ACTIVE SCAPI short code found for this organization, the ODS realm has no active SCAPI short code.
  • Generate a dedicated short code for the realm in Business Manager to resolve the error. No Support ticket is required. The previously shared common short code (kv7kzm78) still works, but a dedicated short code is required for SLAS hybrid authentication.
  • For instructions, see Base URL and Request Formation and Generate a Short Code and Create an API Client ID.