🇺🇸English
SCAPI Admin APIs
This skill guides you through consuming Admin APIs for backend integrations, data synchronization, and management operations. Admin APIs are designed for server-to-server integration, not storefront use.
Note: For shopper-facing APIs (products, baskets, checkout), see b2c-scapi-shopper. This skill focuses on admin/backend operations.
Overview
Admin APIs are designed for backend systems and integrations:
- Client : Backend services, ETL pipelines, management tools
- Authentication : Account Manager OAuth (client credentials)
- Response Time : < 60 seconds (HTTP 504 if exceeded)
- Usage : Moderate frequency, batch operations preferred
Base URL Structure
https://{shortCode}.api.commercecloud.salesforce.com/{apiFamily}/{apiName}/v1/organizations/{organizationId}/{resource}
Example:
https://kv7kzm78.api.commercecloud.salesforce.com/product/products/v1/organizations/f_ecom_zzte_053/products/25518823M
Note: Admin APIs typically don't require siteId parameter (unlike Shopper APIs).
Authentication
Admin APIs use Account Manager OAuth with client credentials flow.
Get Admin Token via CLI
# Get admin token (uses clientId/clientSecret from dw.json)
b2c auth token
# Get token with specific scopes
b2c auth token --auth-scope sfcc.orders --auth-scope sfcc.products
# Get token as JSON (includes expiration)
b2c auth token --json
See b2c-config skill for configuration details.
Get Token Programmatically
curl "https://account.demandware.com/dwsso/oauth2/access_token" \
--request 'POST' \
--user "${CLIENT_ID}:${CLIENT_SECRET}" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data "grant_type=client_credentials" \
--data-urlencode "scope=SALESFORCE_COMMERCE_API:${TENANT_ID} ${SCOPES}"
Example:
CLIENT_ID="your-client-id"
CLIENT_SECRET="your-client-secret"
TENANT_ID="zzte_053"
SCOPES="sfcc.orders sfcc.products"
TOKEN=$(curl -s "https://account.demandware.com/dwsso/oauth2/access_token" \
-u "$CLIENT_ID:$CLIENT_SECRET" \
-d "grant_type=client_credentials" \
--data-urlencode "scope=SALESFORCE_COMMERCE_API:$TENANT_ID $SCOPES" \
| jq -r '.access_token')
Dual Scope Requirement
Admin APIs require two types of scopes :
- Tenant scope :
SALESFORCE_COMMERCE_API:{tenant_id} - grants access to the tenant
- API-specific scopes :
sfcc.catalogs, sfcc.orders.rw, etc. - grants API access
scope=SALESFORCE_COMMERCE_API:zzte_053 sfcc.catalogs sfcc.products.rw
See OAuth Scopes Reference for the complete scope list.
Account Manager Setup
- Log into Account Manager
- Navigate to API Client > Add API Client
- Configure:
- Display Name and Password (client secret)
- Assign Organizations (your B2C instances)
- Role: "Salesforce Commerce API"
- Token Endpoint Auth Method:
client_secret_post
- Access Token Format:
JWT
- Allowed Scopes: Add required scopes
- Copy the Client ID
API Families
Products API
Manage product catalog data.
// Get product
const product = await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/product/products/v1/organizations/${orgId}/products/${productId}`,
{
headers: { 'Authorization': `Bearer ${adminToken}` }
}
).then(r => r.json());
// Update product
await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/product/products/v1/organizations/${orgId}/products/${productId}`,
{
method: 'PATCH',
headers: {
'Authorization': `Bearer ${adminToken}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
name: { default: 'Updated Product Name' },
shortDescription: { default: 'New description' }
})
}
);
Required Scopes:
- Read:
sfcc.products
- Write:
sfcc.products.rw
Catalogs API
Manage catalog structure and assignments.
// List catalogs
const catalogs = await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/product/catalogs/v1/organizations/${orgId}/catalogs`,
{
headers: { 'Authorization': `Bearer ${adminToken}` }
}
).then(r => r.json());
// Get catalog details
const catalog = await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/product/catalogs/v1/organizations/${orgId}/catalogs/${catalogId}`,
{
headers: { 'Authorization': `Bearer ${adminToken}` }
}
).then(r => r.json());
Required Scopes:
- Read:
sfcc.catalogs
- Write:
sfcc.catalogs.rw
Orders API
Retrieve and manage orders.
// Get order by number
const order = await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/checkout/orders/v1/organizations/${orgId}/orders/${orderNo}?siteId=${siteId}`,
{
headers: { 'Authorization': `Bearer ${adminToken}` }
}
).then(r => r.json());
// Update order status
await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/checkout/orders/v1/organizations/${orgId}/orders/${orderNo}?siteId=${siteId}`,
{
method: 'PATCH',
headers: {
'Authorization': `Bearer ${adminToken}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
status: 'completed',
shippingStatus: 'shipped'
})
}
);
Required Scopes:
- Read:
sfcc.orders
- Write:
sfcc.orders.rw
Inventory Availability API
Manage product inventory.
// Get inventory for a product
const availability = await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/inventory/availability/v1/organizations/${orgId}/availability-records/search`,
{
method: 'POST',
headers: {
'Authorization': `Bearer ${adminToken}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
skus: ['SKU001', 'SKU002'],
locationIds: ['warehouse-1']
})
}
).then(r => r.json());
// Update inventory
await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/inventory/availability/v1/organizations/${orgId}/availability-records`,
{
method: 'PATCH',
headers: {
'Authorization': `Bearer ${adminToken}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
records: [{
sku: 'SKU001',
locationId: 'warehouse-1',
onHand: 100,
effectiveDate: new Date().toISOString()
}]
})
}
);
Required Scopes:
- Read:
sfcc.inventory.availability
- Write:
sfcc.inventory.availability.rw
Inventory IMPEX API
High-performance bulk inventory import. Use for 1000+ SKU updates.
Critical Requirements:
-
Files > 100MB MUST be gzip compressed
-
Use newline-delimited JSON (NDJSON), not comma-separated arrays
-
Don't run imports during location graph changes
-
Use delta imports (changed data only) for best performance
-
Future quantity values must be > 0
// Step 1: Initiate import
const importJob = await fetch(
https://${shortCode}.api.commercecloud.salesforce.com/inventory/impex/v1/organizations/${orgId}/availability-records/imports,
{
method: 'POST',
headers: {
'Authorization': Bearer ${adminToken},
'Content-Type': 'application/json'
},
body: JSON.stringify({})
}
).then(r => r.json());
// Step 2: Prepare newline-delimited JSON
const ndjsonData = inventoryRecords
.map(r => JSON.stringify({
recordId: r.recordId || crypto.randomUUID(),
sku: r.sku,
locationId: r.locationId,
onHand: r.quantity,
effectiveDate: new Date().toISOString()
}))
.join('\n');
// Step 3: Upload data to the uploadLink
await fetch(importJob.uploadLink, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: ndjsonData
});
// Step 4: Monitor status
const status = await fetch(importJob.importStatusLink, {
headers: { 'Authorization': Bearer ${adminToken} }
}).then(r => r.json());
Required Scope: sfcc.inventory.impex-inventory
Note: Inventory IMPEX logs don't appear in Log Center. Use correlation IDs and monitor import status directly.
See Integration Patterns Reference for bulk import best practices.
Customers API
Manage customer data.
// Search customers
const customers = await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/customer/customers/v1/organizations/${orgId}/customer-search?siteId=${siteId}`,
{
method: 'POST',
headers: {
'Authorization': `Bearer ${adminToken}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
query: {
textQuery: { fields: ['email'], searchPhrase: 'john@example.com' }
}
})
}
).then(r => r.json());
Required Scopes:
- Read:
sfcc.shopper-customers
- Write:
sfcc.shopper-customers.rw
Promotions API
Manage promotions and campaigns.
// Get promotion
const promotion = await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/pricing/promotions/v1/organizations/${orgId}/promotions/${promotionId}?siteId=${siteId}`,
{
headers: { 'Authorization': `Bearer ${adminToken}` }
}
).then(r => r.json());
// Update promotion
await fetch(
`https://${shortCode}.api.commercecloud.salesforce.com/pricing/promotions/v1/organizations/${orgId}/promotions/${promotionId}?siteId=${siteId}`,
{
method: 'PATCH',
headers: {
'Authorization': `Bearer ${adminToken}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
enabled: true,
startDate: '2024-06-01T00:00:00Z',
endDate: '2024-06-30T23:59:59Z'
})
}
);
Required Scopes:
- Read:
sfcc.promotions
- Write:
sfcc.promotions.rw
Request Tracking
Correlation IDs
Include correlation IDs for tracking requests across systems:
const correlationId = crypto.randomUUID();
const response = await fetch(url, {
headers: {
'Authorization': `Bearer ${adminToken}`,
'correlation-id': correlationId
}
});
console.log(`Request ${correlationId} completed`);
// Search Log Center: externalID:({correlationId})
Verbose Logging
Enable verbose logging for debugging:
const response = await fetch(url, {
headers: {
'Authorization': `Bearer ${adminToken}`,
'sfdc_verbose': 'true'
}
});
Check Log Center under scapi.verbose category.
Note: Some Admin APIs (CDN Zones, Inventory, Shopper Context) don't log to Log Center.
Error Handling
Common Errors
| Status | Meaning | Action |
|---|
| 400 | Bad Request | Check request body/parameters |
| 401 | Unauthorized | Token expired - get new token |
| 403 | Forbidden | Missing scope or tenant access |
| 404 | Not Found | Resource doesn't exist |
| 429 | Rate Limited | Implement backoff |
| 500 | Server Error | Retry with backoff |
| 504 | Timeout | Request took > 60 seconds |
Rate Limiting
Admin APIs have lower rate limits than Shopper APIs. For bulk operations:
- Use batch endpoints when available
- Implement exponential backoff for 429 responses
- Consider inventory IMPEX for large data imports
- Spread operations over time for non-urgent updates
Related Skills
- b2c-config - Get admin tokens via CLI
- b2c-scapi-shopper - Shopper-facing APIs
- b2c-scapi-schemas - Browse OpenAPI schemas
Reference Documentation
- OAuth Scopes Reference - Complete admin scope reference
- Integration Patterns - ETL, sync, and bulk import patterns
Weekly Installs
68
Repository
salesforcecomme…-tooling
GitHub Stars
34
First Seen
Feb 11, 2026
Security Audits
Gen Agent Trust HubPassSocketPassSnykPass
Installed on
github-copilot63
codex60
opencode59
cursor59
amp58
kimi-cli58
