Salesforce B2C Commerce API (SCAPI) Client
Storefront Next includes a type-safe API client for calling Salesforce B2C Commerce Shopper APIs from your storefront. This client provides full TypeScript support with autocomplete, type checking, and semantic operation names.
The B2C Commerce API (SCAPI) is a collection of RESTful APIs for interacting with B2C Commerce instances. Also known as Salesforce Commerce API or simply Commerce API, it provides endpoints for products, search, baskets, customers, orders, and so on.
The SCAPI client in @salesforce/storefront-next-runtime/scapi wraps these APIs with:
- Minimal bundle size: Built on openapi-fetch, a lightweight fetch client with near-zero runtime overhead.
- Type-safe operations: Full TypeScript inference from OpenAPI specifications.
- Semantic method names: Call
getProduct()instead ofGET /products/{id}. - Automatic parameter injection: Common parameters like
organizationIdandsiteIdare handled for you. - Built-in authentication helpers: Guest login, registered login, social login, passwordless login, token refresh, and password reset.
Create API clients that use createCommerceApiClients.
| Parameter | Required | Description |
|---|---|---|
baseUrl | Yes | Commerce API base URL |
organizationId | Yes | Your organization ID (automatically added to path parameters) |
siteId | Yes | Your site ID (automatically added to query parameters) |
clientId | Yes | Shopper Login and Session API (SLAS) client ID |
redirectUri | Yes | OAuth redirect URI |
locale | No | Locale for requests (for example, en-US) |
clientSecret | No | SLAS client secret. See Public vs Private SLAS Client. |
The clientSecret parameter determines which SLAS authentication flow the client uses.
-
Public client (no secret): When
clientSecretis omitted, the auth helpers use the public client flow with Proof Key for Code Exchange (PKCE). This behavior is suitable for client-side apps where the secret can’t be kept secure. -
Private client (with secret): When
clientSecretis provided, the auth helpers use the private client flow. This behavior enables extra features, such as passwordless login, and is suitable for server-side apps where the secret can be kept secure.
Before making API calls, you must get an access token. The client includes an auth namespace with helper functions for SLAS shopper login and session API operations.
These authentication helpers are intentionally stateless—they don’t store tokens, session data, or any intermediate state internally. Each function call is independent, giving you full control over how and where you store credentials. This design ensures compatibility with server-side rendering, avoids shared state issues across requests, and lets you choose your preferred storage strategy, such as cookies, session storage, database, and so on.
After you have an access token, add it to API requests by using middleware. Note that SLAS authentication endpoints handle their own authorization and must be skipped.
The client automatically includes organizationId and siteId in all requests, so you only provide operation-specific parameters.
Use the appropriate client method to perform mutations like adding items to a basket or updating customer information.
The client provides access to all SCAPI endpoints.
| Client | Description |
|---|---|
shopperAvailability | Product availability and inventory |
shopperProducts | Products, categories, and catalog data |
shopperSearch | Product search and suggestions |
shopperBasketsV1 | Basket operations (legacy) |
shopperBasketsV2 | Basket operations (current) |
shopperCustomers | Customer accounts and profiles |
shopperOrders | Order history and details |
shopperLogin | SLAS authentication |
shopperPromotions | Promotions and campaigns |
shopperContext | Shopper session context |
shopperStores | Store locator |
shopperExperience | Page Designer content |
shopperGiftCertificates | Gift certificate operations |
shopperSeo | SEO metadata |
shopperConsents | Customer consent management |
auth | Authentication helpers. See Authentication. |
The client exports TypeScript types for all API schemas and operations.
API errors throw an ApiError with detailed information:
| Property | Type | Description |
|---|---|---|
status | number | HTTP status code |
statusText | string | HTTP status message |
body | ErrorDetail | Parsed error response |
rawBody | string | Raw response text |
headers | Headers | Response headers |
url | string | Request URL |
method | string | HTTP method |
All operations return both the parsed data and the raw response.
Add custom behavior to requests and responses:
The SCAPI client only supports the standard Shopper APIs provided by Salesforce B2C Commerce. Custom SCAPI endpoints aren’t currently supported by the client. To call custom SCAPI endpoints, use the native fetch API or another HTTP client.
- B2C Commerce API (SCAPI) - Official SCAPI documentation
- openapi-fetch - The underlying fetch client library