Skip to main content

Maintain Your B2C Commerce Cloud Developer Certification for Spring ’25

Learning Objectives

After completing this unit, you’ll be able to:

  • Write custom script code with SCAPI Custom APIs.
  • Patch product variations with OCAPI and SCAPI.
  • Adapt for third-party cookie restrictions.
  • Monitor rogue query limits in B2C Commerce.
  • Achieve enhanced security with TLS v1.3.
  • Make product and price book updates with granular replication.
  • Stream logs from Log Center.
  • Enable the new Business Manager UI.

Maintain Your Certification

If you hold the B2C Commerce Cloud Developer certification, keep in mind that you need to complete this module by the due date to maintain your certification.

Interested in learning more about getting certified? Check out the B2C Commerce Cloud Developer certification.

Note

While anyone can earn this badge, this module is designed for those who hold the B2C Commerce Cloud Developer certification.

Protect the Integrity of Your Certification

The quality of our certification exams and the value that they provide are our highest priority. Protecting the security and confidentiality of our exams is essential to providing our customers with certifications that are respected and industry-leading.

As a participant in the Salesforce Certification Program, you’re required to accept the terms of the Salesforce Certification Program Agreement. Please review the Salesforce certification exam-taking policies in the Salesforce Certification Program Agreement and Code of Conduct Trailhead Help article for more details.

The Salesforce B2C Commerce Cloud Developer certification is designed for individuals who have experience as full-stack developers for Salesforce B2C Commerce Cloud. Certification demonstrates an individual has the knowledge and skills to develop an ecommerce solution using B2C Commerce Cloud.

Salesforce has introduced many feature enhancements over the past year. Let’s take a look at some of the more important ones for B2C Commerce Cloud developers.

Write Custom Script Code with SCAPI Custom API

Build a wide range of applications, from full storefronts to custom merchant tools for Business Manager, using custom APIs. Developers can work with custom script code using SCAPI, the Salesforce Commerce API. SCAPI Custom APIs became generally available (GA) in early 2024.

What's SCAPI?

The B2C Commerce API (SCAPI) is a collection of RESTful APIs for interacting with B2C Commerce instances. It goes by a few different names: Salesforce Commerce API, the acronym SCAPI, or just Commerce API. SCAPI is a framework for APIs that provides a variety of capabilities, such as Shopper Login to support multiple identity providers, Shopper Context to personalize storefront experiences, and now Custom APIs.

Custom API

Custom APIs are a powerful way to extend the API surface area for your implementations. Developers can customize SCAPI to add filters or modify responses before they get sent back to the calling application. Developers can write custom script code, such as controllers, and expose this functionality as a custom REST API under the SCAPI framework.

SCAPI

B2C Commerce has two REST API products: the Open Commerce API (OCAPI) and SCAPI. Salesforce recommends using SCAPI instead of Open Commerce API (OCAPI) for all new projects or any major refactoring work. OCAPI has been in the platform since 2014, and SCAPI was introduced in 2020.

Since SCAPI became GA, Salesforce feature development and innovation will focus on SCAPI. OCAPI isn't going away, but OCAPI updates are now in a maintenance-only mode. SCAPI performance, capabilities, and user-friendliness for developers will continue to improve. New SCAPI endpoints and features are being added regularly.

Custom API Feature Updates

Here’s a list of feature updates for the GA release. Some require special attention, as they can break existing implementations.

  1. Custom scopes are introduced to enhance security compliance, which might break existing implementations.
    1. Both ShopperToken and AmOauth2 security schemes use custom scopes.
    2. Each endpoint must be configured with exactly one scope, included in the corresponding authentication token.
  2. Storefront quota limits are now checked, which could break existing implementations.
  3. Script API enhancements allow developers to easily create success and error responses.
  4. The API contract (OAS schema file) now supports local references of shared objects that can be reused in different places within the schema.
  5. Custom APIs contain a Circuit Breaker mechanism, a protective measure that blocks API requests when the error rate is too high.

For more information, check out the developer guide on Custom APIs.

Patch Product Variations with OCAPI and SCAPI

Developers can save time and effort managing product bundles thanks to new enhancements to the OCAPI Baskets API and SCAPI Shopper Baskets API. Both APIs now support patching variations within product bundles in a single call. You can update multiple variations within a bundle more efficiently, without needing multiple API calls.

To batch update items in B2C Commerce Basket APIs, consult the SCAPI or OCAPI documentation.

Go to Salesforce Developers | B2C Commerce API | Shopper Baskets V1 | Endpoints | updateItemsInBasket

Patch:

https://{shortCode}.api.commercecloud.salesforce.com/checkout/shopper-baskets/v1/organizations/{organizationId}/baskets/{basketId}/items

Go to Salesforce Developers | B2C Commerce API | Shop Baskets, Endpoints | Update basket line items

Patch:

https://{host}/s/{siteId}/dw/shop/v24_5/baskets/{basket_id}/items/{item_id}

This update improves the overall developer experience and increases productivity for developers managing complex product bundles.

Salesforce B2C Commerce offers a new feature toggle that enables partitioned cookies. The partitioned cookie toggle is available in Business Manager with the default value set to disabled. Developers can prepare for upcoming industry browser changes to ensure that B2C Commerce functions as needed.

Google Chrome is phasing out support for third-party cookies. With the change, Chrome disables third-party cookies that originate from a separate hostname and aren’t partitioned. The loss of support for third-party cookies can affect B2C Commerce capabilities such as the Storefront Toolkit and some Page Designer preview functionality.

Partitioned Cookie Toggle

If you enable the partitioned cookies toggle, some issues can result within Storefront Reference Architecture (SFRA), Progressive Web App Kit (PWA-kit), or custom code. Before you enable the partitioned cookies toggle on a production instance, Salesforce recommends that you test your storefronts on staging or development instances. This allows you to identify issues or unexpected behaviors and resolve them before deploying to your live production instance. If the Storefront Toolkit or Page Designer preview stops working and enabling the feature on Chrome isn’t an option, try using a different browser, such as Firefox, as a workaround.

To enable the partitioned cookie toggle in Business Manager, select Administration | Global Preferences | Feature Switches. When the toggle is enabled, a partitioned attribute is added to cookies created from the B2C Commerce servers. The attribute is added to cookies created through controllers, pipelines, or platform code. Google continues to accept cookies created from B2C Commerce servers and assigned the partitioned attribute.

Partitioned Cookie Explicit Expiry Mode

Admins can also use the new Partitioned Cookie Explicit Expiry Mode to control if an expired partitioned cookie is sent for an existing partitioned cookie. Admins set one of these values.

  • None: An expired partitioned cookie isn’t sent and hence doesn’t clear the existing partitioned cookies. (This state represents the behavior of the B2C Commerce 24.1 release.)
  • Compatible Clients (default value): If the user agent of the client (browser) is Chromium (Chrome, Edge, and Opera), the expired partitioned cookie is sent.
  • All: Always sends the expired partitioned cookie. Use this setting if enabling and disabling the partitioned cookies caused issues, for example, with login or iOS Apps.

Feature switch for Partitioned Cookie Explicit Expiry Mode highlighted to show default setting of Compatible_Clients.

Change the Partitioned Cookies Explicit Expiry Mode.

  • If you experience issues with expired partitioned cookies after enabling the Partitioned Cookies toggle, set Partitioned Cookies Explicit Expiry Mode to All.
  • If you observe any issues with apps or any non-browser clients receiving duplicate cookies, set Partitioned Cookies Explicit Expiry Mode to None.

Monitor Rogue Query Limits in B2C Commerce

To maintain system performance, B2C Commerce now restricts rogue queries that produce 10,000 results or more. Developers want to be aware of these limits when building and testing their applications, since a developer will receive an error message if they exceed the limit.

This restriction applies to queries configured in Business Manager or:

  • Queries using these OCAPI Shop APIs
    • customer_search
    • order_search
  • Queries using SCAPI get orders

When a customer generates a rogue query made through an API call, the query will return an error message specifying that the offset value needs to be set to under 10,000. A manual query made in Business Manager will fail without an error message in the UI, similar to the experience for timeouts.

The error message that is returned by SCAPI/OCAPI: 

Search request offset <value> is greater than offset limit 10000 for tenant '<GroupID>_<Instance'>, type 'order']

To mitigate the risk of running a query with too many results, use targeted filters and offset values that limit results when querying data.

Achieve Enhanced Security with TLS v1.3

To provide enhanced security, the B2C Commerce service framework now supports transport layer security TLS v1.3 for outgoing HTTP calls. Developers should ensure compatibility with this new standard when working with external services.

TLS v1.3 offers modern encryption standards that protect against known vulnerabilities, and it supports secure integration with third-party partners. Contact Support for assistance if you encounter connectivity issues while using TLS v1.3.

It's important to note that TLS 1.0 and 1.1 have been disabled for both inbound and outbound connections, making TLS 1.2 and TLS 1.3 the only supported protocols. Developers are required to use TLS 1.2 as the minimum standard to ensure compliance with industry best practices for security and data integrity.

Make Product and Price Book Updates with Granular Replication

Use the granular replication feature to select specific products and price table entries for replication from staging to production. Granular replication complements existing data replication methods by allowing small, targeted updates to production data as needed.

You can make granular data updates from staging to production for three replication groups.

  • Products: Update specific products.
  • Price Books: Update specific price table entries.
  • Content Assets: Update specific content assets.

To use granular replication, you must activate the feature in your staging and production environments. In Business Manager | Administration | Global Preferences | Feature Switches, select the Granular Replication feature switch.

Ensure your data remains current and changes are made precisely when needed without full-scale overhauls. This feature lets you make small updates to existing content in production on an as-needed basis. Granular replication is meant to complement and enhance existing data replications, not replace them.

Stream Logs from Log Center

Log Center now supports log streaming into third-party log aggregation tools, enabling developers to monitor and automate log management at scale. Log Center supports streaming into third-party log aggregation tools such as Splunk, Datadog, New Relic, Grafana Loki, or through a generic HTTP connection. This enhancement enables enterprise-scale monitoring and automation capabilities for Log Center users.

Log Center has an easy to use log streaming configuration UI for setup and filtering criteria for logs. Here’s a high-level overview of the steps.

  1. Log in to Log Center.
  2. Select the Log Streaming tab and choose the third-party log aggregation tool you want to integrate with.
  3. Click Log Streaming Configurations. Unless labeled as optional, all entries and steps are required.
  4. Configure the necessary settings, such as API keys, endpoints, and any filtering criteria.
  5. Save your configurations to stream logs into your preferred log aggregation tool for enhanced monitoring and automation capabilities.

For further details about setup, notifications, or frequently asked questions, see Set Up Log Streaming.

Enable the New Business Manager UI

Switch to the new Business Manager UI for a fresh, user-friendly design with enhanced tooltips and added features. The new design includes improved tooltips, added spacing, and text box padding. It includes banner and home page alerts and adds favorites, store IDs, and catalog insights to the home page. You can switch back to the classic UI if something isn’t working as expected.

To switch to the new UI, in Business Manager, select My Profile | Preferences | Preferred UI Style. Then select Modern.

Sum It Up

You’ve learned about some of the most important Salesforce feature releases over the past year, such as SCAPI enhancements, changes to cookie restrictions and rogue query limits, and support for TLS v1.3. You also reviewed granular replication for products and price table entries, log streaming from Log Center, and the new Business Manager UI. Now it’s time to test your understanding of these topics and complete the quiz to maintain your B2C Commerce Developer certification.

Resources

Share your Trailhead feedback over on Salesforce Help.

We'd love to hear about your experience with Trailhead - you can now access the new feedback form anytime from the Salesforce Help site.

Learn More Continue to Share Feedback