Salesforce B2C Commerce 24.5 > Administering Your Organization > Global Preferences > Security Settings

Create CSRF Allowlists

⚠️ The annual cost of maintaining the server where this website is hosted, the domain, and keeping it up-to-date is approximately €3,000 per year. Help us with a small donation to cover these expenses. Support Now!

0 / 10000

Configure how your site handles CSRF allowlists.

  1. Select Administration > Global Preferences > Security and select the CSFR Settings tab.
    You can configure two types of CSRF allowlists: allowlists for pairs of pipelines and start nodes, and allowlists for user agents.
  2. To allowlist a pipeline and start node, enter the names of the pipeline and start node in the Add Pipeline/Start Node to Allowlist fields, and click Add Pipeline/Startnode.
    Repeat this step to allow additional pipeline/startnode pairs.
  3. To allowlist a user agent, select an instance type from the Instance Type dropdown, enter the name of the user agent in the Add UserAgent to Allowlist field, and click Add UserAgent.
    Repeat this step to allowlist additional user agents.
  4. Click Apply.
Related concepts
Use a Positive Security Model

Infocenter Retirement: On June 30, 2023, the Infocenter was retired, and documentation currently hosted on the Infocenter will be published to Salesforce Help, Commerce Cloud Developer Center, and Salesforce B2C Commerce Developer Documentation Resources. For more information, see the release note.