Seamless Cross Cloud Identity Solution Kit
DOWNLOAD
First things first !
To download this implementation guide, click the download button below.
If you need more information about the implementation guide, you can read the Table of Contents below.
Implement Seamless
CrossCloud Identity
Salesforce Spring
salesforcedocs
Last updated November
Copyright Salesforce Inc All rights reserved Salesforce is a registered trademark of Salesforce Inc as are other
names and marks Other marks appearing herein may be trademarks of their respective owners
CONTENTS
Implement Seamless CrossCloud Identity
Solution Architecture
Seamless Identity Solution Workflow
Design Considerations
Configurations
IMPLEMENT SEAMLESS CROSSCLOUD IDENTITY
Unify customer data with a single identity for each customer across your ecommerce sites and your communities Enable one identity
and give the customer visibility through the entire product catalog
Get Started
Explore system architecture related to this solution
BC Industry Blueprint
BC Reference Architecture
BC Solution Architectures
Take Trailhead modules related to this solution
Salesforce Solution Kits Quick Look
Customer Guide for Retail Quick Look
Customer Guides Quick Look
This solution kit helps you
Enable one identity and log in across Commerce Cloud and Experience Cloud
Transfer the customer to the ecommerce site without having to log in with different credentials
Give the customer visibility through the entire product catalog and complete orders
Provide better customer experience
Required Products
Product PreRequisites
Experience Cloud
Salesforce Identity
Commerce Cloud Digital
License Requirement
Experience Cloud and Salesforce Identity
Implement Seamless CrossCloud Identity
Solution Architecture
Implement This Solution
Solution Architecture
Discover how use cases map to solutions with a visual illustration See how recommended products integrate with back end systems
and how data is passed between them when you implement seamless crosscloud identity
Seamless Identity Solution Workflow
Learn how data flows through the configurations to implement seamless crosscloud identity
Design Considerations
Keep these design considerations in mind when you implement seamless crosscloud identity
Configurations
Use these configurations to implement seamless crosscloud identity
Solution Architecture
Discover how use cases map to solutions with a visual illustration See how recommended products integrate with back end systems
and how data is passed between them when you implement seamless crosscloud identity
Related Content
Review this solutions use case and purpose
Implement Seamless CrossCloud Identity on page
Take the next steps in this implementation
Seamless Identity Solution Workflow
Design Considerations
Configurations
Implement Seamless CrossCloud Identity
Seamless Identity Solution Workflow
Seamless Identity Solution Workflow
Learn how data flows through the configurations to implement seamless crosscloud identity
Workflow
The customer requests to create a profile
The customers profile is created in Salesforce Identity
The customers profile is created in the Salesforce Community
Implement Seamless CrossCloud Identity
Seamless Identity Solution Workflow
The customer requests to create a profile
The customers profile is created in BB Commerce
The customers profile is created in the Salesforce Community
A customer who has previously created a profile in Salesforce Identity visits a storefront
The customer logs in Theyre authenticated by Salesforce Identity
A stub profile is created in BB Commerce
BB Commerce updates the customers profile
Related Content
Review earlier steps in this solution
Solution Architecture
Implement Seamless CrossCloud Identity
Design Considerations
Take the next steps in this implementation
Design Considerations
Configurations
Design Considerations
Keep these design considerations in mind when you implement seamless crosscloud identity
Maintain One Source of Customer Information for Core and Primary Profile Information
To minimize synchronization and migration of customer profile data set up the primary profile in Communities
Establish one source for customer profiles that all integrated environments can use
You can pull profile information first names last names and email addresses from Experience sites via REST into a Commerce
Experience As you make profile changes in Experience Cloud you can push changes to Commerce Cloud if a use case requires them
Architect a commerce experience so that you dont edit in Commerce Cloud You manage profiles in Communities
Maintain CustomerSpecific Profile Data Thats Accessible Across Commerce Cloud and Experience Cloud Sites
Access profile and customer shopping data from Commerce Cloud and Experience sites via their individual REST APIs
Experience Cloud is the system of record for customer profile data which includes
Individual Profile
Authentication Credentials
Commerce Cloud is the system of record for customer shopping data which includes
Address Book
Payment Information
Wishlists and Product Lists
Avoid Syncing Customer Profiles Across Commerce Cloud and Experience Sites
Synchronization and replication of customer data across Commerce Cloud and Experience sites requires custom integration The ongoing
maintenance of this integration can be costly Ideally a crosscloud profile management solution isnt dependent on this capability
If a user changes profile data we recommend
Name Store in Experience Cloud which Commerce Cloud references
Address Update to Commerce Cloud
Email Store in Experience Cloud which Commerce Cloud references
Data Migration
When importing data across multiple systems maintain the profile creation and modification workflows within every cloud Confirm
that every profile within Commerce Cloud and Experience Cloud includes the relevant crosscloud identifiers
Be aware of these considerations
Currently no automated process or migration framework can facilitate customer data imports and migration between Commerce
Cloud and Communities or Service Cloud
Avoid individual record migration strategies when using REST APIbased migration The required cycle time to execute these strategies
may not meet customer expectations To export data use the bulk import and export capabilities of both platforms Reconcile
crosscloud unique identifier mappings then import the data again
Implement Seamless CrossCloud Identity
Design Considerations
Export customer data for Experience Cloud via Business Manager in its native XML format After you export it migrate the XML data
to an external database to facilitate profile remediation
Export customer data for Experience Cloud via the Salesforce Bulk API After you export it migrate the customer data to an external
database to facilitate profile mediation
Track Experience Cloud Authentication in Commerce Cloud with an Embedded Login
When a customer authenticates via Experience Cloud but hasnt authenticated via Commerce Cloud evaluate the value of an embedded
login
When a user clicks the button and enters credentials in the login form Salesforce authenticates the user Salesforce checks the connected
app to determine the type of access token to grant
Salesforce sends the access token to the callback
The callback uses the access token to pull the users information from Salesforce and cache it locally
The onlogin function determines which information to display to the user
If the website requires ongoing interaction with Salesforce after authentication the connected app maintains a connection between
the web page and the Salesforce Experience site
Retrieve Commerce Cloud Data from Experience Cloud Using Open Commerce APIs
Communities doesnt use all Commerce Cloud data objects for example wish lists product lists and payment information Every
Experience site user has a profile that lives in Commerce Cloud The Open Commerce API accesses and manages this data
Data Migration Strategy
When importing data across multiple systems maintain profile creation and modification workflows within every cloud That way you
include the relevant crosscloud identifiers in every profile
Be aware of these considerations
Salesforce doesnt yet offer automated processes or migration frameworks to facilitate customer data imports and migration between
Commerce Cloud and Salesforce Experience sites or Service Cloud
Avoid individual record migration strategies when using REST APIbased migration The cycle time required to execute these strategies
might not meet customer expectations To export data use the bulk import and export capabilities in Commerce Cloud and Experience
Cloud Reconcile crosscloud unique identifier mappings then import the data again
Export customer data for Experience Cloud using Business Manager in its native XML format After you export it migrate the XML
data to an external database to facilitate profile remediation
Export customer data for Experience Cloud using the Salesforce Bulk API After you export it migrate the customer data to an external
database to facilitate profile mediation
The type of migration you perform impacts mediation The implementation and cloud products you select affect the customer profile
mediation and migration approach
Profile mediation requires you to
Confirm whether you have customer profile representation in Experience Cloud and Service Cloud If so retrieve the UserID
PersonAccount AccountID and ContactID Decorate the Commerce Cloud profile with this data
Set up the PersonAccount with the Commerce Cloud Login CustomerNo and internal CustomerID
Related Content
Review earlier steps in this solution
Solution Architecture
Implement Seamless CrossCloud Identity
Configurations
Seamless Identity Solution Workflow
Take the next steps in this implementation
Configurations
See Also
Experience Cloud Sites as an Identity Provider requires Commerce Cloud XChange account
Configuring and Implementing OAuth Providers
Create a Branded Login Page
How to Implement Embedded Login
Experience Cloud Trailhead
Experience Cloud Basics
Engage with Your Customers
Engage with Your Employees
Engage with Your Partners
Get Started with Experience Cloud
Identity Trailhead
Connect to Individual Customers
Create a SelfRegistration Page
Customize Your Login Process with My Domain
Get to Know Salesforce Identity
Get to Know Salesforce Identity Users
Identity Basics
Identity for Customers
Learn the Language of Identity
Prepare Your Org for Salesforce Customer Identity
Secure Your Users Identity
Set Up a Experience Cloud for Salesforce Customer Identity
Set Up Single SignOn for Your Internal Users
Set Up Social SignOn
User Authentication
Use Salesforce Identity Beyond Your Internal Org
Configurations
Use these configurations to implement seamless crosscloud identity
Salesforce Experience Cloud Setup
Use the person or contact account to set up Experience Cloud members
Implement Seamless CrossCloud Identity
Configurations
The Commerce Cloud to Service Cloud connector supports person accounts outofthebox Contact accounts require some
customization
Store the customers core profile information in Experience Cloud
Customers register their profile through communities
When a customer chooses to register from within Commerce Cloud a redirect sends them to the Experience Cloud registration form
They do not see registration capability in Commerce Cloud
The Experience Cloud registration process creates the Experience Cloud user profile
Upon registration Experience Cloud invokes a remote OAuth authentication request to Commerce Cloud which creates the externally
authenticated profile
If Marketing Cloud is not going to be part of the use case use Contactless Users as an Option
If you implement Customer Data Manager use the contactspecific record to authenticate with Commerce Cloud
Salesforce Commerce Cloud Setup
Customers authenticate to Communities and Commerce Cloud via Salesforce Identity
Configure Salesforce Identity as an OAuth provider within Commerce Cloud
This setup uses a common login experience to authenticate against Commerce Cloud and Experience Cloud
When an authenticated customer visits the commerce experience they authenticate via OAuth integration seamlessly without
requesting credentials
Commerce Cloud maintains a stub and shadow record that represents the customer
When a customer authenticates for the first time via OAuth it creates an external profile within Commerce Cloud That profile
represents the local Commerce Cloud profile for the customer
Crosscloud identifiers decorate customer profiles
Commerce Cloud includes the Experience Cloud UserID and PersonAccount AccountContactID
Experience Cloud includes the Commerce Cloud CustomerNo Login and Internal CustomerID
When authenticated customers visit the commerce experience they authenticate via OAuth integration without having to request
credentials
If the number of users is larger than million or greater than logins per minute confirm performance considerations with
Salesforce Customer Support
Implement OAuth Integration Between Experience Cloud and Commerce Cloud Via Salesforce Identity
Establish Communities as the Commerce Cloud identity provider and enable Commerce Cloud customers to authenticate against their
Experience site customer profile
In this model
Communities serve as the master for customer profile information
Commerce Cloud configures Communities as a trusted OAuth provider that it authenticates against
Customers register their profiles via Communities then authenticate the commerce experience via OAuth
The OAuth authentication enables the creation of a Commerce Cloud profile which is linked to the Experience site profile via the
OAuth provided identifier
OAuth handoffs across both experiences handle seamless authenticated access between Commerce Cloud and Experience Cloud
sites
Learn from our best practices for creating a branded login experience
Set up Trusted System Auth in Commerce Cloud as part of the Identity and Commerce Cloud integration
Implement Seamless CrossCloud Identity
Configurations
This new API is for Salesforce customers who store Commerce Cloud passwords in external systems
The trusted auth service is specifically for systemtosystem API communication It creates a session that doesnt require a user name or
password Thats because the Commerce Cloud and Communities systems trust each other
Do not use this in place of authentication You can get information from the customer number but not authentication
This API endpoint lets customers with external IDP profiles manage their data from an external system It uses the Commerce Cloud
SHOP API and scopes the access to their data
Related Content
Review earlier steps in this solution
Solution Architecture
Seamless Identity Solution Workflow
Design Considerations