b2c-slas

Use the b2c CLI plugin to manage SLAS (Shopper Login and API Access Service) API clients and credentials.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "b2c-slas" with this command: npx skills add salesforcecommercecloud/b2c-developer-tooling/salesforcecommercecloud-b2c-developer-tooling-b2c-slas

B2C SLAS Skill

Use the b2c CLI plugin to manage SLAS (Shopper Login and API Access Service) API clients and credentials.

Important: SLAS is for shopper (customer) authentication used by storefronts and headless commerce. For admin tokens (OCAPI, Admin APIs), use b2c auth token

  • see b2c-config skill.

Tip: If b2c is not installed globally, use npx @salesforce/b2c-cli instead (e.g., npx @salesforce/b2c-cli slas client list ).

When to Use

Common scenarios requiring SLAS client management:

  • Testing Custom APIs: Create a client with custom scopes (e.g., c_loyalty ) to test your Custom API endpoints

  • PWA/Headless Development: Configure clients for composable storefronts

  • Integration Testing: Create dedicated test clients with specific scope sets

Examples

List SLAS Clients

list all SLAS clients for a tenant

b2c slas client list --tenant-id abcd_123

list with JSON output

b2c slas client list --tenant-id abcd_123 --json

Get SLAS Client Details

get details for a specific SLAS client

b2c slas client get my-client-id --tenant-id abcd_123

Create SLAS Client

create a new SLAS client with default scopes (auto-generates UUID client ID)

b2c slas client create --tenant-id abcd_123 --channels RefArch --default-scopes --redirect-uri http://localhost:3000/callback

create with a specific client ID and custom scopes

b2c slas client create my-client-id --tenant-id abcd_123 --channels RefArch --scopes sfcc.shopper-products,sfcc.shopper-search --redirect-uri http://localhost:3000/callback

create a public client

b2c slas client create --tenant-id abcd_123 --channels RefArch --default-scopes --redirect-uri http://localhost:3000/callback --public

create client without auto-creating tenant (if you manage tenants separately)

b2c slas client create --tenant-id abcd_123 --channels RefArch --default-scopes --redirect-uri http://localhost:3000/callback --no-create-tenant

output as JSON (useful for capturing the generated secret)

b2c slas client create --tenant-id abcd_123 --channels RefArch --default-scopes --redirect-uri http://localhost:3000/callback --json

Note: By default, the tenant is automatically created if it doesn't exist.

Warning: Use --scopes (plural) for client scopes, NOT --auth-scope (singular). The --auth-scope flag is a global authentication option for OAuth scopes.

Create Client for Custom API Testing

When testing a Custom API that requires custom scopes:

Create a private client with custom scope for testing

Replace c_my_scope with your API's custom scope from schema.yaml

b2c slas client create
--tenant-id zzpq_013
--channels RefArch
--default-scopes
--scopes "c_my_scope"
--redirect-uri http://localhost:3000/callback
--json

Output includes client_id and client_secret - save these for token requests

Important: The custom scope in your SLAS client must match the scope defined in your Custom API's schema.yaml security section.

Get a Shopper Token

Use b2c slas token to obtain a shopper access token for API testing:

Guest token with auto-discovery (finds first public SLAS client)

b2c slas token --tenant-id abcd_123 --site-id RefArch

Guest token with explicit client (public PKCE flow)

b2c slas token --slas-client-id my-client --tenant-id abcd_123 --short-code kv7kzm78 --site-id RefArch

Guest token with private client (client_credentials flow)

b2c slas token --slas-client-id my-client --slas-client-secret sk_xxx --tenant-id abcd_123 --short-code kv7kzm78 --site-id RefArch

Registered customer token

b2c slas token --tenant-id abcd_123 --site-id RefArch --shopper-login user@example.com --shopper-password secret

JSON output (includes refresh token, expiry, usid, etc.)

b2c slas token --tenant-id abcd_123 --site-id RefArch --json

Use token in a subsequent API call

TOKEN=$(b2c slas token --tenant-id abcd_123 --site-id RefArch) curl -H "Authorization: Bearer $TOKEN" "https://kv7kzm78.api.commercecloud.salesforce.com/..."

The --slas-client-id and --slas-client-secret can also be set via SFCC_SLAS_CLIENT_ID and SFCC_SLAS_CLIENT_SECRET environment variables, or slasClientId and slasClientSecret in dw.json.

Update SLAS Client

update the display name

b2c slas client update my-client-id --tenant-id abcd_123 --name "New Name"

rotate the client secret

b2c slas client update my-client-id --tenant-id abcd_123 --secret new-secret-value

add scopes (appends to existing by default)

b2c slas client update my-client-id --tenant-id abcd_123 --scopes sfcc.shopper-baskets

replace scopes instead of appending

b2c slas client update my-client-id --tenant-id abcd_123 --scopes sfcc.shopper-baskets --replace

replace channels

b2c slas client update my-client-id --tenant-id abcd_123 --channels RefArch,SiteGenesis --replace

Delete SLAS Client

delete a SLAS client

b2c slas client delete my-client-id --tenant-id abcd_123

Configuration

The tenant ID can be set via environment variable:

  • SFCC_TENANT_ID : SLAS tenant ID (organization ID)

More Commands

See b2c slas --help for a full list of available commands and options in the slas topic.

Related Skills

  • b2c:b2c-custom-api-development

  • Creating Custom APIs that require SLAS authentication

  • b2c-cli:b2c-scapi-custom

  • Checking Custom API registration status

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.