How to migrate

The simple steps you need to take to make sure your integration is up-to-date with the new Authentication API

We've recently migrated the whole authentication process to our new Authentication API. The legacy endpoints, scope syntax, and SSO using a custom org-specific secret key are no longer supported since November 2024. If you need to manage any projects or Commerce Layer integrations that still leverage the old way of authenticating, please follow the steps below to update them.

To migrate to the new authentication process you just need a couple of tweaks to your current codebase:

Change the authentication endpoint from https://yourdomain.commercelayer.io/oauth to https://auth.commercelayer.io/oauth
Stop using the market and/or stock location number (e.g.: market:1234) when including a scope and start using the new syntax with the ID or the code (e.g. market:id:xYZkjABcde or market:code:europe).
If you're still leveraging a custom org-specific secret key to sign a manually built JWT for SSO, switch to the JWT bearer flow with a proper assertion.

Last updated 1 month ago