Why You Should Never Use FullAccess
A brief overview on why we strongly caution against using the FullAccess role.
Published by Miranda Posthumus on Thu Jul 06 2023DevelopmentAuthentication
Implementing Single Sign On with Google IDP
A complete end-to-end tutorial on implementing single sign-on via OpenIDConnect with Google as your identity provider
Published by Crhistian Ramirez-Hernandez on Thu Aug 11 2022Authentication
Configuring Custom Password Security
As part of our ongoing commitment to security we have released an enhanced password security feature to give you greater control over password requirements for users of your applications.
Published by Miranda Posthumus on Thu Feb 25 2021
Last updated on Tue Mar 02 2021Authentication
Single Sign On via OpenID Connect
SSO (Single Sign On) allows your users to authenticate themselves to the OrderCloud API by logging into any identity provider you trust.
Published by Jeff Ilse on Mon Apr 15 2019
Last updated on Wed Nov 09 2022Authentication
The OrderCloud API supports this capability by allowing certain users to make API calls on behalf of a buyer user, which we refer to as impersonation.
Published by Jeff Ilse on Tue Jan 08 2019Authentication
Understanding Security Profiles
Security profiles are groups of roles (permissions), each of which grant users access to specific API endpoints and functionality. This lets you lock down access to your marketplace at the API level which is very powerful.
Published by Jeff Ilse on Thu Oct 20 2016Authentication
Introduction to API Clients
OrderCloud uses the term API Clients to identify various access points to your marketplace's data. These access points have properties that control what parties can use it, how they can gain access, and for how long that access remains valid.
Published by Rob Watt on Fri Jun 24 2016
Last updated on Mon Jun 25 2018Authentication
Anonymous Shopping, or Guest Checkout, is when a user is enabled to browse a catalog of products and/or checkout without registering themselves. Accomplishing this requires OrderCloud developers to pull together a lot of platform knowledge. We'll summarize that information here.
Published by Rob Watt on Sat Feb 20 2016
Last updated on Fri Apr 29 2022AuthenticationConfigurationOrdering
OrderCloud's authentication system is built on top of an open authorization standard called OAuth2 which is increasingly becoming an industry standard for security and permission-based application experiences.
Published by Jeff Ilse on Tue Dec 15 2015
Last updated on Fri Feb 26 2021Authentication
Me and My Stuff
OrderCloud provides the Me Resource whose job it is to flatten these assignments for the currently authenticated user and just "show me what I can see" regardless at which level these assignments are made.
Published by Rob Watt on Wed Feb 25 2015
Last updated on Wed Feb 25 2015AuthenticationCustomizations