User Authorization

Salesforce B2C Commerce uses role-based access control to perform authorization. A user is assigned one or more roles, with each role consisting of a set of permissions. User authorization is configured in Business Manager using custom roles and permissions. The process primarily works the same way regardless of whether you use local or unified authentication.

Business Manager comes with an admin user that has the administrator role. The administrator provides permissions to perform any action, including setting security controls. We recommend that the admin grant permissions to other users appropriately and sparingly. In fact, only use this all-powerful admin account when absolutely necessary. If the user credential is compromised, then the security of the entire system is compromised.

By default, when a user is created in Business Manager or Account Manager, that user has no permissions. When they log in, they can’t see or do anything in Business Manager. This follows the best practice of deny-by-default. To allow a user to perform a specific action, an existing user with the appropriate permissions must create one or more roles, each corresponding to a set of permissions. That user must then assign the new user one or more of those roles.

When assigning roles to users, follow the principle of least privilege. Create several users, with each user given only the roles and permissions they need for their job. For example, a user account for the sole purpose of checking analytics does not need permission to manage the product catalog. Additionally, grant read-only permissions to a role, unless users need write access to the object. For example, grant read-only permissions for the coupon module to all roles, but assign write access to only those roles that create or modify coupons.