@salesforce/b2c-tooling-sdk / auth
auth ​
Authentication strategies for B2C Commerce APIs.
This module provides different authentication mechanisms for connecting to B2C Commerce instances and platform services.
Available Strategies ​
- BasicAuthStrategy - Username/password authentication for WebDAV operations
- OAuthStrategy - OAuth 2.0 client credentials for OCAPI and platform APIs
- ImplicitOAuthStrategy - Interactive browser-based OAuth for CLI/desktop apps
- ApiKeyStrategy - API key authentication for MRT services
Strategy Resolution ​
Use resolveAuthStrategy to automatically select the best strategy based on available credentials and allowed methods:
typescript
import { resolveAuthStrategy } from '@salesforce/b2c-tooling-sdk';
// Automatically picks client-credentials if secret available, otherwise implicit
const strategy = resolveAuthStrategy({
clientId: 'your-client-id',
clientSecret: process.env.CLIENT_SECRET, // may be undefined
});
// Force a specific method
const implicitOnly = resolveAuthStrategy(
{ clientId: 'your-client-id' },
{ allowedMethods: ['implicit'] }
);Direct Usage ​
All strategies implement the AuthStrategy interface:
typescript
import { OAuthStrategy, ImplicitOAuthStrategy } from '@salesforce/b2c-tooling-sdk';
// For automated/server usage (client credentials)
const oauthAuth = new OAuthStrategy({
clientId: 'your-client-id',
clientSecret: 'your-client-secret',
});
// For interactive/CLI usage (opens browser)
const implicitAuth = new ImplicitOAuthStrategy({
clientId: 'your-client-id',
});Classes ​
- ApiKeyStrategy
- AuthMiddlewareRegistry
- BasicAuthStrategy
- ImplicitOAuthStrategy
- OAuthStrategy
- StatefulOAuthStrategy
Interfaces ​
- AccessTokenResponse
- ApiKeyAuthConfig
- AuthConfig
- AuthCredentials
- AuthMiddleware
- AuthMiddlewareProvider
- AuthStrategy
- AvailableAuthMethods
- BasicAuthConfig
- DecodedJWT
- ImplicitOAuthConfig
- OAuthAuthConfig
- OAuthConfig
- ResolveAuthStrategyOptions
- StatefulOAuthStrategyOptions
- StatefulSession