Setting Up OAuth with Retail Clouds's APIs

Retail Cloud supports OAuth for secure authentication with Retail Cloud's APIs and SPIs. This is done by configuring the OAUTH-OAuth SPI by entering the required URL, client secret, and headers. This setup allows the system to obtain an authentication token before making any other SPI calls.

To configure OAuth authentication for Retail Cloud APIs, you'll need to set up the OAUTH-OAuth SPI connector in CMS and then configure your individual SPIs to use the generated authentication tokens. The process involves two main steps: first establishing the OAuth connection, then applying it to your specific API integrations.

In CMS, go to Integrations > Custom Connectors.
Click Create in the upper right.
Under Connector Type, select "SPI".
Under Endpoint Name, select "OAUTH-OAuth".
Under API Endpoint, update it to add "grant_type=client_credentials" (for example, https://interdev.my.sf.com/services/oauth2/token?grant_type=client_credentials)
Set the Integration Type to "HTTP_POST".
Under JSON Headers, provide the authorization key. This can be done by following the below instructions:
1. Retrieve the ClientID and Clientfrom the External API.
2. Generate a Base64 concatenated ClientID+ Client Secret, with a colon (:) and a single space.
3. Insert this string under the JSON Headers, see below for an example:

There is a space after the word Basic and before the key, there is no colon needed above.
The basic token can be generated by concatenating the ClientID and Client Secret with a colon and space in between (e.g., “client_id: client_secret”).

In CMS, go to Integrations > Custom Connectors.
Click Create in the upper right.
Under Connector Type, select "SPI."
Under Endpoint Name, select an SPI (e.g., "SHIPPING_METHOD").
Scroll down to the OAuth Config settings.
Under OAuth Header To Set, set the header of your choice.
Under OAuth API Key, set the key as either "OAuth" or "OAUTH".
Configure the rest of the required fields.
Save your changes.