MeshMesh
Guides

Connect B2C Commerce Cloud

Set up B2C Commerce Cloud as an integration in MeshMesh

Connect B2C Commerce Cloud

This guide walks you through connecting your Salesforce B2C Commerce Cloud (SFCC) instance to MeshMesh. Once connected, MeshMesh can deploy code, manage WebDAV files, run jobs, manage sandboxes, and more.

What You Need

You'll need access to two Salesforce systems:

  • Account Manager — to create an API Client (ask your admin if you don't have access)
  • Business Manager — to configure OCAPI and WebDAV permissions

Prerequisites

Before you begin, make sure you have:

  • A B2C Commerce Cloud instance (sandbox or production)
  • Access to Account Manager (or an admin who can create an API Client for you)
  • Access to Business Manager on your instance

Step 1: Create an API Client

No Account Manager Access?

If you can't access Account Manager, ask your admin to create an API Client for you and send you the Client ID and Client Secret. They should follow the steps below.

Log in to Account Manager

Go to account.demandware.com and log in.

Create the API Client

Navigate to API Client in the left menu and click Add API Client.

Fill in:

  • Display Name: A descriptive name (e.g., "MeshMesh Agent")
  • Password: Generate a strong secret — this is your Client Secret. Save it securely.
  • Token Endpoint Auth Method: Select client_secret_basic

The B2C CLI only supports client_secret_basic. Do not use client_secret_post or private_key_jwt.

Configure Default Scopes

Under Default Scopes, add these scopes:

ScopePurpose
mailRequired for authentication flows
rolesReturns role information in the token
tenantFilterReturns tenant access information
openidRequired for OpenID Connect

Without roles and tenantFilter, the OAuth token comes back empty and nothing works.

Assign Roles

Under the API Client's Roles section, add:

RoleWhen NeededTenant Filter
Salesforce Commerce APISCAPI commands, eCDN, CIP analyticsYour tenant IDs (e.g., zzxy_prd)
Sandbox API UserODS sandbox management, SLAS client managementYour realm/org IDs

For each role, configure the Tenant Filter with the tenant IDs or realm IDs you need to access.

Step 2: Configure OCAPI Permissions

OCAPI permissions are needed for code management, job execution, and site operations. These are configured per-instance in Business Manager.

Open OCAPI Settings

In Business Manager, navigate to Administration > Site Development > Open Commerce API Settings and select the Data API type.

Add the Configuration

Add a JSON configuration for your API Client ID:

Step 3: Configure WebDAV Client Permissions

WebDAV permissions are needed for file operations like code deployment, site import/export, and log access.

Open WebDAV Settings

In Business Manager, navigate to Administration > Organization > WebDAV Client Permissions.

Add the Configuration

Add this JSON configuration for your API Client ID:

{
  "clients": [
    {
      "client_id": "your-client-id",
      "permissions": [
        {"path": "/cartridges", "operations": ["read_write"]},
        {"path": "/impex", "operations": ["read_write"]},
        {"path": "/logs", "operations": ["read_write"]}
      ]
    }
  ]
}

Replace your-client-id with your actual API Client ID.

PathUsed For
/cartridgesCode deployment
/impexSite import/export
/logsLog file access

Add more paths as needed (e.g., /catalogs/<catalog-id> for catalog files, /libraries/<library-id> for content libraries).

Step 4: Add the Integration in MeshMesh

Open Integrations

In MeshMesh, go to Integrations and select B2C Commerce Cloud.

Enter Your Credentials

Fill in the required fields:

FieldValue
Server HostnameYour instance hostname (e.g., myinstance.demandware.net)
Client IDThe API Client ID from Account Manager
Client SecretThe password you set on the API Client

Optional fields for advanced operations:

FieldWhen Needed
Code VersionDefault code version for deployments
Tenant IDFor SCAPI/eCDN commands (format: zzxy_prd)
Short CodeFor SCAPI commands
MRT API KeyFor Managed Runtime deployments

Attach to a Task

Add the B2C Commerce integration to any task that needs to interact with your Commerce Cloud instance.

What MeshMesh Handles Automatically

Once the integration is added and attached to a task:

  • OAuth authentication is handled per command — no manual login needed
  • Server hostname is auto-injected — no need to specify --server
  • Credentials are secure — the agent never sees your Client Secret
  • Token refresh happens automatically on each interaction

Just describe what you want to do in natural language, and MeshMesh takes care of the rest.

Troubleshooting

Optional: SCAPI Scopes

For advanced operations (eCDN, SCAPI schemas, custom APIs), add these scopes to your API Client's Default Scopes:

ScopePurpose
sfcc.cdn-zoneseCDN read operations
sfcc.cdn-zones.rweCDN write operations
sfcc.scapi-schemasSCAPI schema browsing
sfcc.custom-apisCustom API status

Working with Multiple Orgs

Best practices for multi-org and cross-org workflows like migrations and duplicating configurations

Adding Integrations

Connect additional services and custom MCPs to MeshMesh

On this page

Connect B2C Commerce CloudPrerequisitesStep 1: Create an API ClientLog in to Account ManagerCreate the API ClientConfigure Default ScopesAssign RolesStep 2: Configure OCAPI PermissionsOpen OCAPI SettingsAdd the ConfigurationStep 3: Configure WebDAV Client PermissionsOpen WebDAV SettingsAdd the ConfigurationStep 4: Add the Integration in MeshMeshOpen IntegrationsEnter Your CredentialsAttach to a TaskWhat MeshMesh Handles AutomaticallyTroubleshootingOptional: SCAPI Scopes