SFCC Integration Guide

complete guide for integrating sfcc with forter agentic orchestration this guide is specifically for merchants using salesforce commerce cloud (sfcc) for other platforms, see docid\ bjwnwn2n w7estjevmtuw or docid vqiw7gafurh6uqnfgp9v how it works with sfcc integration, forter pulls your product catalog via sfcc ocapi (shop api) generates and maintains the ai optimized feed automatically creates orders directly in your sfcc instance via ocapi basket/order apis you provide ocapi credentials you implement nothing forter handles everything prerequisites before starting, ensure you have sfcc instance — sandbox or production business manager access ocapi permissions — ability to configure ocapi settings and create api clients forter account — contact your forter representative to enable agentic orchestration tax nexus list — us states where you collect sales tax step 1 configure sfcc ocapi credentials a configure shop api settings log in to sfcc business manager navigate to administration > site development > open commerce api settings click on shop api tab add this json configuration { " v" "23 1", "clients" \[ { "client id" "forter agentic commerce", "allowed origins" \[], "resources" \[ { "resource id" "/products/ ", "methods" \["get"], "read attributes" "( )", "write attributes" "()" }, { "resource id" "/product search", "methods" \["get", "post"], "read attributes" "( )", "write attributes" "()" }, { "resource id" "/categories/ ", "methods" \["get"], "read attributes" "( )", "write attributes" "()" }, { "resource id" "/baskets/ ", "methods" \["get", "post", "put", "patch"], "read attributes" "( )", "write attributes" "( )" }, { "resource id" "/orders/ ", "methods" \["get", "post"], "read attributes" "( )", "write attributes" "( )" } ] } ] } click save key points client id must be forter agentic commerce (or your chosen name) read only for products/categories read/write for baskets/orders (required for checkout) b enable account manager navigate to administration > organization > account manager if not enabled, click enable account manager follow the prompts to complete setup c create api client navigate to administration > site development > open commerce api settings > api client click add api client fill in the details client name forter agentic commerce client id forter agentic commerce (must match the client id in ocapi settings) token endpoint auth method client secret post access token format jwt scopes (select all that apply) ☑ salesforce commerce api {tenant id} shopper products read ☑ salesforce commerce api {tenant id} shopper categories read ☑ salesforce commerce api {tenant id} shopper search read ☑ salesforce commerce api {tenant id} shopper baskets orders allowed grant types ☑ client credentials redirect uris (leave empty) click save important copy the client secret immediately it's only shown once! d test your credentials test with curl to ensure everything works \# get access token curl x post https //account demandware com/dwsso/oauth2/access token \\ h "content type application/x www form urlencoded" \\ u "forter agentic commerce\ your client secret" \\ d "grant type=client credentials" \# test product access curl x get "https //your instance demandware net/s/your site id/dw/shop/v23 1/product search?count=10" \\ h "authorization bearer your access token" if successful, you'll receive product data step 2 configure in forter portal log in to the forter portal and navigate to integrations > sfcc a basic store information field description example store title your store name "my custom sfcc store" store url your storefront url "https //www mycustomstore com" logo url url to your logo "https //www mycustomstore com/logo png" currency primary currency "usd" origin country shipping origin "us" origin region state/region "ca" b sfcc platform configuration field description example platform select platform type "sfcc" sfcc instance url your sfcc instance "https //dev01 mycustomstore demandware net" site id your site identifier "sitegenesis" or "refarch" ocapi client id from step 1c "forter agentic commerce" ocapi client secret from step 1c •••••••• (encrypted) ocapi version api version "v23 1" or your instance version c store policies field description terms of service url link to your terms privacy policy url link to your privacy policy return policy url link to your return policy return window (days) days allowed for returns (e g , 30 ) d tax configuration field description example tax nexus regions us states where you collect sales tax \["ca", "ny", "tx"] e order management field description example order status url template url for order tracking "https //mycustomstore com/orders/{order id}" the {order id} placeholder will be replaced with the sfcc order number step 3 payment & fraud settings (optional) by default, you handle payment validation and authorization on your sfcc instance this section is only needed if you want forter to handle fraud detection and payments option a merchant side validation/authorization (default) what happens forter creates orders in sfcc with payment references sfcc processes payments through your existing payment provider sfcc handles fraud checks through your existing rules configuration no additional setup needed this is the default behavior settings in portal enable forter validation false (default) enable forter authorization false (default) enable forter capture false (default) option b forter side validation/authorization (optional) what happens forter validates orders for fraud before creating them in sfcc forter authorizes/captures payments via forter payment orchestration orders are created in sfcc with completed payment status configuration required contact your forter representative to obtain field description validation api key forter fraud detection credentials payment api key forter payment orchestration credentials settings in portal enable forter validation true enable forter authorization true enable forter capture true (or false for manual capture) step 4 catalog sync & testing a initiate first sync after configuring sfcc credentials in the portal forter automatically tests the ocapi connection initial catalog sync begins (pulls all products via ocapi) products are normalized to ai optimized format feed is distributed to ai platforms processing time < 10,000 products minutes 10,000 100,000 products under an hour > 100,000 products a few hours b verify catalog check that products were synced by updating inventory for a test product curl x post \\ https //{site id} agentic checkouttools com/v1/inventory \\ h "authorization bearer your forter api key" \\ h "content type application/json" \\ d '{ "id" "test sku 001", "quantity" 100 }' if the product exists, you'll receive { "success" true, "updated" 1, "results" \[{ "success" true, "id" "test sku 001" }] } c test checkout flow test end to end checkout in the test environment 1\ create a checkout session curl x post \\ https //{site id} agentic checkouttools com/checkout sessions \\ h "authorization bearer sk test your api key" \\ h "content type application/json" \\ h "idempotency key test 001" \\ d '{ "items" \[{ "id" "test sku 001", "quantity" 1 }], "buyer" { "first name" "test", "email" "test\@example com" } }' 2\ add shipping and complete order curl x post \\ https //{site id} agentic checkouttools com/checkout sessions/{session id}/complete \\ h "authorization bearer sk test your api key" \\ h "content type application/json" \\ d '{ "fulfillment address" { "name" "test user", "line one" "123 test st", "city" "san francisco", "state" "ca", "postal code" "94102", "country" "us" }, "payment data" { "token" "tok test visa 4242", "provider" "test" } }' 3\ verify order in sfcc business manager the order should appear in merchant tools > ordering > orders step 5 go live production checklist replace test ocapi credentials with production credentials update forter portal with production sfcc instance url verify production catalog sync completes successfully test at least one production order end to end configure monitoring and alerting enable ai platform distribution (openai, google, etc ) monitoring use the forter portal to monitor catalog health — product count, sync status, errors order volume — checkout sessions, completions, failures ocapi usage — api call volume, rate limits error rates — failed checkouts, sfcc api errors troubleshooting "invalid ocapi credentials" solution verify client id matches ocapi shop api settings check client secret (no extra spaces) ensure scopes include required tenant id wait 5 10 minutes for settings to propagate "insufficient permissions" solution check ocapi shop api resources include /baskets/ and /orders/ verify api client scopes include shopper baskets orders confirm ocapi version matches your instance products not syncing solution test ocapi product search endpoint with curl check sfcc rate limits (100 req/10s) review forter portal logs for sync errors verify products are online and searchable in sfcc orders not appearing in sfcc solution verify basket creation permissions in ocapi settings check sfcc business manager for failed orders review forter portal logs for ocapi errors confirm site id is correct sfcc specific considerations rate limits sfcc ocapi has rate limits 100 requests per 10 seconds 1000 requests per minute forter automatically handles rate limiting with exponential backoff catalog size for large catalogs (>100k products), consider enabling sfcc search result pagination monitoring initial sync duration using inventory updates for real time changes multiple sites if you have multiple sfcc sites configure each site as a separate integration in forter portal each site gets its own api credentials and configuration orders are routed to the correct site based on site id quick reference required ocapi resources { "products" \["get"], "product search" \["get", "post"], "categories" \["get"], "baskets" \["get", "post", "put", "patch"], "orders" \["get", "post"] } required ocapi scopes shopper products read shopper categories read shopper search read shopper baskets orders next steps docid 6rphy3nxucxydo2hqs4uz — product data synchronization details docid\ km96iibvro23zb4davure — payment processing and order management docid\ g4axxwobilsi4gmhzdnuq — common questions support for sfcc specific integration questions, contact your forter representative or email mailto\ support\@forter com