Salesforce B2C Commerce 24.7 > Administering Your Organization > Global Preferences

Configure OAuth2 Providers

You can use Business Manager to configure OAuth2 providers, but you must first register your site with your selected providers.

  1. Select Administration > Global Preferences > OAuth2 Providers.
  2. To create a provider, click New or New from Template. To edit an existing provider record, click its ID.
    Google Plus has been deprecated, so don’t use the Google Plus template. For instructions on using Google, including migrating from Google Plus, see the Google developer documentation.
  3. On the Global Preferences OAuth2 Providers Edit page, edit or create the following details:
    Option Description
    Client ID Obtain from the provider.
    Client Secret When a client registers with an OAuth2 provider, the provider issues the client a client secret, which is considered private and must be kept confidential. The value of this field is kept encrypted in the database (but is in plain text when exported from the database, or imported into the database).
    Scopes Corresponds to the scopes available for the OAuth2 provider and configured for the web site when registering the web site on the provider's web site. The scopes are provider-specific and are not standardized. For more information, see section 3.3 Access Token Scope in the OAuth2 specification.
    Authorization URL URL of the provider where the initial OAuth2 handshake occurs. For more information, see section 3.1 Authorization Endpoint in the OAuth2 specification.
    Token URL URL of the provider where the token is requested from. For more information, see section 3.2 Token Endpoint in the OAuth2 specification.
    User Info URL URL of the provider of the user information (first name, last name, email, and so on). For more information, see section 7 Accessing Protected Resources in the OAuth2 specification.
    User Info URL Access Token Name

    Specifies the name of the query parameter.

    When a request to the User Info URL is made, the access token value is attached to the request as a URL query parameter value. This parameter value specifies the name of the query parameter. For most providers, it is access_token, but it's different for some (for example, for LinkedIn, it is oauth2_access_token).

    Redirect Pipeline Node After the OAuth2 provider grants access to the client application, the provider returns control to the specified pipeline node.
  4. To save your changes, click Apply.
Related concepts
Register Your Site with OAuth2 Providers
Customer Authorization with OAuth2
Shopper Authentication

Infocenter Retirement: On June 30, 2023, the Infocenter was retired, and documentation currently hosted on the Infocenter will be published to Salesforce Help, Commerce Cloud Developer Center, and Salesforce B2C Commerce Developer Documentation Resources. For more information, see the release note.