Auth Commands

Commands for authentication and token management.

b2c auth token

Get an OAuth access token for use in scripts or other tools.

Usage

b2c auth token

Flags

Flag	Environment Variable	Description
--client-id	SFCC_CLIENT_ID	Client ID for OAuth
--client-secret	SFCC_CLIENT_SECRET	Client Secret for OAuth
--scope	SFCC_OAUTH_SCOPES	OAuth scopes to request (can be repeated)
--account-manager-host	SFCC_ACCOUNT_MANAGER_HOST	Account Manager hostname (default: account.demandware.com)

Examples

# Get a token with default scopes
b2c auth token --client-id xxx --client-secret yyy

# Get a token with specific scopes
b2c auth token --scope sfcc.orders --scope sfcc.products

# Output as JSON (useful for parsing)
b2c auth token --json

# Using environment variables
export SFCC_CLIENT_ID=my-client
export SFCC_CLIENT_SECRET=my-secret
b2c auth token

Output

The command outputs the access token:

eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...

With --json:

{"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...","expires_in":1799}

Use Cases

Scripting

Use the token in shell scripts:

TOKEN=$(b2c auth token)
curl -H "Authorization: Bearer $TOKEN" https://my-instance.demandware.net/s/-/dw/data/v24_3/sites

CI/CD Pipelines

Get a token for use with other tools:

export SFCC_TOKEN=$(b2c auth token --json | jq -r '.token')

Testing API Calls

Quickly get a token for testing OCAPI or SCAPI:

b2c auth token | pbcopy  # macOS: copy to clipboard

---

Authentication Overview

For complete authentication setup instructions, see the Authentication Setup Guide.

Quick Reference

Operation	Auth Required
Code deploy/watch	WebDAV credentials
Code list/activate/delete, Jobs, Sites	OAuth + OCAPI configuration
SCAPI commands (eCDN, schemas, custom-apis)	OAuth + SCAPI scopes
Sandbox, SLAS	OAuth + appropriate roles
MRT	API Key

See Configuration for setting up credentials via environment variables or config files.

TIP

Each command page below documents its specific authentication requirements including required scopes.