By integrating Salesforce Commerce Cloud (SFCC) with OwnID, you can implement the full set of OwnID features to simplify and streamline your user login experience.

How it Works

OwnID integrates with the SFCC built-in API client, using our native SFCC Connector and an SFCC cartridge.

Integrate OwnID with SFCC by completing these three basic steps:

Step 1 - Get SFCC Credentials.

Step 2 - Create an OwnID application in the OwnID Console.

Step 3 - Install the SFCC Cartridge.

Prerequisites

Download the Salesforce Commerce Cloud cartridge here.

Step 1 - Add SFCC Client

Integration requires you to create a new API Client in your SFCC instance.

Create Credentials

See: Add an API Client in B2C Commerce

  1. Log into the SFCC Account Manager.
  2. Select API Client from the left side menu.
  3. Click Add API Client.
  4. Enter “OwnID Integration” in Display Name.
  5. Enter a password.
  6. Assign your organization.
  7. Assign the following roles:
  • Sandbox API User
  • Salesforce Commerce Cloud
  1. In the Token Endpoint Auth Method, select private_key_jwt.
  2. Click Save Changes.
SFCC Account Manager API client setting screen Figure 1. Salesforce API Client Creation

Salesforce displays your Client Id and Secret. Save these values for later use.

Assign Permissions

  1. Go to Administration > Site Development > Open Commerce API Settings.

  2. Add the following JSON object to the shop tab:

shop tab
{
  "_v": "23.1",
  "clients": [
    {
      "allowed_origins": [
      ],
      "client_id": "Client ID",
      "resources": [
        {
          "resource_id": "/customers/auth/trustedsystem",
          "methods": [
            "post"
          ],
          "read_attributes": "(**)",
          "write_attributes": "(**)"
        },
        {
          "resource_id": "/sessions",
	           "methods": [
            "post"
          ],
          "read_attributes": "(**)",
          "write_attributes": "(**)"
        }
     ]
   }
 ]
}

  1. Change client_id value in the shop JSON to match the Client Id created in the previous step.

  2. If the OCAPI configuration is already in place, simply include the following resource into the resources section.

Insert Resource
{
  "resource_id": "/customers/auth/trustedsystem",
   "methods": [
       "post"
   ],
   "read_attributes": "(**)",
   "write_attributes": "(**)"
},
{
   "resource_id": "/sessions",
   "methods": [
       "post"
   ],
   "read_attributes": "(**)",
   "write_attributes": "(**)"
}
SFCC Account Manager data tab configuration with JSON sample Figure 2. Example JSON configuration in shop tab
  1. Add the following JSON object to the data tab:
data tab
{
  "_v": "23.1",
  "clients": [
    {
      "allowed_origins": [
      ],
      "client_id": "Your Client ID",
      "resources": [
       {
          "resource_id": "/customer_lists/*/customers/*",
          "methods": ["get", "patch"],
          "read_attributes": "(**)",
          "write_attributes": "(**)"
       },
       {
         "resource_id":"/customer_lists/*/customer_search",
         "methods": ["post"],
         "read_attributes": "(**)",
         "write_attributes": "(**)"
        },
   {
    "resource_id":"/ocapi_configs/*",
    "methods": ["get"],
    "read_attributes": "(**)",
    "write_attributes": "(**)"
   }
   ]   
  }
  ]
}
SFCC Account Manager Figure 3. Example JSON configuration in data tab
  1. Modify the client_id value in the JSON object to match the Client Id created in the previous step.

Securing User’s Personal Data

OwnID does not store or process any user data. Users’ public keys and device information are stored on your platform.

Private keys are kept exclusively on the user’s device and are never transmitted elsewhere.

Step 2 - Create OwnID Application

An OwnID App is what connects the existing identity provider used by your website with the OwnID widget you insert on the front end.

OwnID Widget OwnID widget

Each of your OwnID Apps acts as the central point of configuration for each of your integrations. These no-code Apps are created, hosted, and maintained entirely within the OwnID Console environment. When you create an App, it’s assigned a unique appId automatically. Use that appId in OwnID SDK interaction from your website’s front end.

To Create an OwnID App

  1. Login to the OwnID Console (or create your account).

  2. Click +Create Application from the Apps screen.

  3. Enter a name for your application in the App name field.

  4. From the Choose your integration panel, select the tile. Profile editor

  5. Click Next.

  6. Enter the URL to your application instance and click Continue. Profile editor

  7. Click Explore my App on the “Congratulations” popup. Profile editor

  8. From the OwnID Settings panel, copy the App ID and the Shared Secret for use in configuration on the side. Profile editor

Your OwnID application and secret key are created and you’re ready for next steps!
  1. Open the Salesforce integration page in the OwnID Console.
  2. Enter the Instance Hostname - e.g: xyzb-001.dx.commercecloud.salesforce.com (only the domain, without protocol).
  3. Enter a Site ID - e.g: RefArch (case sensitive).
  4. Enter the API Client ID (generated in the previous step).
  5. Enter the API Client Secret (generated in the previous step).
  6. Enter the SFCC Username (get it from the Account Manager).
  7. Enter the SFCC Password.
  8. Click Save Changes.
Salesforce Commerce integration page in the OwnID Console Figure 4. OwnID Console

Copy the appId so you can use it in the next step.

Step 3 - Install the SFCC Cartridge

  1. Upload and add the cartridge to the target site.
  2. Navigate to Merchant Tools > Site Preferences > Custom Preferences > OwnID and set the following preferences:
  3. Set EnableOwnId to true to display the OwnID widget.
  4. Env Select the OwnID production environment.
  5. Enter the AppId previously copied from the OwnID Console.
OwnID cartridge configuration page in SFCC Figure 5. OwnID Cartridge Configuration
Congratulations! Enjoy your passwordless authentication!

Next Steps

Ready to deploy?

YES!

Take me to the Deployment Checklist

Was this page helpful?

Using ConnectorsOkta