Update 23B

Revision History

This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:

Date	Module	Feature	Notes
05 MAY 2023			Created initial document.

Overview

HAVE AN IDEA?

We’re here and we’re listening. If you have a suggestion on how to make our cloud services even better then go ahead and tell us. There are several ways to submit your ideas, for example, through the Ideas Lab on Oracle Customer Connect. Wherever you see this icon after the feature name it means we delivered one of your ideas.

GIVE US FEEDBACK

We welcome your comments and suggestions to improve the content. Please send us your feedback at oracle_fusion_applications_help_ww_grp@oracle.com.

DISCLAIMER

The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.

This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.

Feature Summary

B2B Commerce

Storefront

Prevent Storefront User login after multiple unsuccessful login attempts

With this release, Storefront User accounts are locked when multiple unsuccessful login attempts are made. An email is sent to the user notifying the unsuccessful login attempts on the account. Users can regain access to their account by resetting the password using the “Forgotten Password” link.

This also applies to Storefront logins using Multifactor Authentication.

This feature will make Storefront User accounts more secure by locking user accounts on authorized access.

Steps to Enable

This feature is enabled by default. You can configure the user lock settings by using the API /ccadminui/v1/merchant/profilePolicies. Please refer to REST API documentation for more information.

Tips And Considerations

User locked out email will be sent only once after the account is locked.

Admin

Improved management for registered applications

This release provides improvements to registered applications on the Commerce Administration Interface (Admin UI) by providing Pagination support for registered application listing that improves user experience when there are large number of registered applications.

A registered application is an external application that is registered via Settings > Web APIs > Registered Applications area of the Admin UI.

Merchant Admins can now easily manage larger lists of registered applications within the Admin UI.

Steps to Enable

You don't need to do anything to enable this feature.

Integrations

Support for Batch Update of Orders via API

It is now possible for merchants to update multiple orders at a time via the REST API. Oracle Commerce already allows merchant to update orders through the Admin updateOrder REST API. However, it is limited to one order at a time.

This feature uses Bulk Import API for processing multiple orders in the background.

Please refer to the “Import data endpoints” section of “Perform Bulk Export and Import” in the “Extending Oracle Commerce” guide of Oracle Commerce documentation for more information on how to import using bulk operations.

The JSON file to be uploaded using the Admin startFileUpload REST API has to be created in the below format:

{

“batchOrders”: [

{

…

“id”: “<Order1>”,

…

},

{

…

“id”: “<Order1>”,

…

}

]

}

Please note that each order record in above array must have the same structure as updateOrder endpoint payload.

While doing the Import process using the Admin executeImport REST API, ensure to set the “id” parameter in the input payload to  “BatchOrders”.

This feature helps merchants update multiple orders at a time, increasing integration efficiency and performance

Steps to Enable

Merchants can enable the feature using the Admin updateCloudConfiguration API. Sample payload below:

{

"allowBatchOrdersUpdate": true

}

Tips And Considerations

• Merchants are advised to use this feature cautiously as the validations in the updateOrder REST API applies to this feature as well.
• There is no support for batch update of orders using CSV.
• It is mandatory to have field “id” on every order record in the imported file. E.g.,

{

“batchOrders”: [

{

…

“id”: “<Order1>”,

…

}

]

}

Open Storefront Framework

Ability to customize and configure the Recommendations Container

It is now possible for the merchants to customize and configure the widgets inside the Product Recommendations Carousel within an Open Storefront (OSF) application.

The ‘ProductRecommendationsCarousel’ widget had been converted into a container that holds 3 new sub-components - Image, Name and Price.

This feature provides the flexibility to the Merchants to easily customize the Product Recommendations Carousel and can add other widgets such as ‘ProductQuantity’, and ‘AddToCart’.

Steps to Enable

The ProductRecommendationsCarousel(product-recommendations-carousel) can be found on the "Product – Default" page layout of the OSF application in Design Studio.

Support for Selective Asset Download

Oracle Commerce now provides an option for merchants to selectively download assets associated with their commerce application. Previously, merchants could only download all the assets related to their applications.

Customers can make use of the below provisions to download selective Assets:

• “downloadSelectedAssets” endpoint.
• CLI tool added in OSF.

In this feature, a new endpoint named “downloadSelectedAssets” is added, which returns a zip file containing the requested assets and a log file of assets that were not downloaded. To use this feature, merchants must upload a JSON request specifying the asset type such as pages, containers, slots, components and styles and their corresponding file or directory paths they want to download. This feature provides merchants greater flexibility and control over their assets by allowing them to download only a specific asset.

The request to be uploaded using the newly created Admin “downloadSelectedAssets” REST API has to be in the following format:

POST: /ccadmin/v1/clientApplications/{application}/assets

{

"pages": [

"checkout-login.json",

"429.json",

"checkout-order-confirmation.json",

"checkout-shipping.json",

"update-expired-password.json"

],

"containers": [

"cart-container.json",

"dynamic-product-listing-desktop.json",

"profile-update-password-container.json"

],

"slots": {

"header-with-notification-device-slot": [

],

"dynamic-product-listing-for-search-device-slot": [

"structure.json"

],

"checkout-header-with-notification-device-slot": [

"config.json"

]

},

"components": {

"add-items-to-cart": [

"resources.json"

],

"account-type-selector": [

],

"back-button": [

"config.json"

],

"account-type-selector-responsive": [

"layout.json"

],

"checkout-back-to-previous-button": [

"index.json"

],

"country-store-language-currency-desktop": []

},

"styles": [

"customStylingRed.css",

"customStylingBrown.css",

"customStylingBlack.css"

]

}

Use valid JSON format for file and directory paths of different asset types to avoid validation errors.

See below for such errors.

• Sending an empty payload results in the error code 212001, with the server responding with the message 'The JSON payload cannot be null or empty. Please ensure a valid JSON payload is included in the request and try again'.
• If the payload contains an invalid asset type, then the error code 212002 is returned with the message 'Invalid assetType' '<invalid_asset_type_name>'.
• If the payload contains an invalid asset value for a specific type, then the error code 212003 is returned with the message 'The asset value passed for asset type '<valid_asset_type_name>' is invalid'.
• If an invalid asset type is used for a directory-based asset, then the error code 212005 is returned with the message 'Invalid Asset Type found for Directory-based asset '<directory_based_asset_name>'.
• If an invalid file type is used for a directory-based asset, then the error code 212006 is returned with the message 'Invalid file name '<Invalid_filename.json>' exists for directory '<directory_based_asset_name>'.
• "If a null value is passed as the file name for a file-based asset type, then the error code 212007 is returned with the message 'File name null or empty provided for file-based asset type 'pages'.

In OSF, A new option has been added to ‘occ download-assets’ command to download only selective assets from Design Studio, instead of downloading all the assets.

To download selective assets, call “yarn occ download-assets” command with “selectiveAssets” flag and add “—assetsDataFromFile” option and pass the file path of the JSON file containing the data of which assets need to be downloaded.

Usage: yarn download-assets --selectiveAssets --assetsDataFromFile <file-path>

• This will help the customers download only a few asset files that they need, which will be faster than downloading all the asset files.
• If customers have some changes in asset files in their local, if they download all assets and provide the option to override the local assets with downloaded assets then their local changes will be lost. With this new option customers can download only selective files so that after overriding the local assets with downloaded assets, their changes in other asset files will not be lost.

Steps to Enable

You don't need to do anything to enable this feature.

Tips And Considerations

• The JSON file containing the assets data can be created anywhere and the full file path of the file needs to be provided as the value for the assetsDataFromFile command argument.
• The JSON file should contain only valid assetTypes like pages, components, containers, slots and styles, else error will be thrown.
• Below is an example input data file for the assetsDataFromFile argument. A JSON file can be created with the below JSON data and that file path can be passed as value to the assetsDataFromFile argument

{

"pages": ["home.json"],

"containers": [cart-container.json"],

"slots": {

"header-with-notification-device-slot": [

]

"checkout-header-with-notification-device-slot": [

"config.json",

"structure.json"

]

},

"components": {

"back-button": [

"config.json"

]

},

"styles": ["customStyling.css"]

}

• If there are multiple files inside a component or slot, required files can be downloaded by adding those file names in an array and if all the files need to be downloaded then an empty array needs to be passed.
• To confirm that all requested assets have been downloaded, check the <App_Id>_<Preview/Live>.log file in the downloaded zip. This file lists any assets that were not downloaded. <App_Id> represents the application ID, and Preview/Live is appended based on whether the requested assets are in live mode or preview mode.
• To download all assets of an application, use a GET request to the `getClientApplication` API in the Admin API. Refer to the Oracle Commerce documentation for more information about this endpoint.

Server-Side Extensions

Access Control to Server-Side Extension Endpoints

• Oracle Commerce now enables administrators to control access to server-side extension endpoints.
• New privileges introduced are "SSE Authoring" and "SSE Promoting”.

• “SSE authoring" privilege (ora.serverSideExtensionAuthoringPrivilege) can author the extensions in the preview environment. It will have access to the following endpoints:
  • POST: /ccadmin/v1/serverExtensions  
  • To delete a specific extension
    • DELETE: /ccadmin/v1/serverExtensions

• To delete extension files
  • POST: /ccadmin/v1/serverExtensions/deleteFiles
• To retrieve extensions
  • GET: /ccadmin/v1/serverExtensions -

• “SSE promoting" privilege (ora.serverSideExtensionPromotingPrivilege) can promote the extensions to the production environment and will have access to the following endpoints:
  • To promote extensions from preview to production.
    • POST: /ccadmin/v1/serverExtensions/promoteFiles
  • To get promote status
    • GET: /ccadmin/v1/serverExtensions/promoteStatus
  • To retrieve extensions
    • GET: /ccadmin/v1/serverExtensions -

Using this feature, merchants can create custom roles and manage their access to upload, delete, and promote extensions. By adding privileges to the roles and assigning roles to users/applications, the users/applications will be provided access to do a specific operation for which they are authorized.

Steps to Enable

You don't need to do anything to enable this feature.

Tips And Considerations

• Merchants can create a custom role called “sseAuthoringRole” and give the authoring privilege “ora.serverSideExtensionAuthoringPrivilege.”

POST: /ccadmin/v1/adminRoles

{

"repositoryId": "sseAuthoringRole",

"description": "Server Side Extensions Authoring Role",

"accessRights": [

{

"repositoryId": "ora.serverSideExtensionAuthoringPrivilege"

}

]

}

• Merchants can create a custom role called “ssePromotingRole” and give the promoting privilege “ora.serverSideExtensionPromotingPrivilege.”

POST: /ccadmin/v1/adminRoles

{

"repositoryId": "ssePromotingRole",

"description": "Server Side Extensions Promoting Role",

"accessRights": [

{

"repositoryId": "ora.serverSideExtensionPromotingPrivilege"

}

]

}

• The user profiles can be created and assigned specific roles using the user management interface on the admin console.
• The application can be created and assigned specific roles using the createApplicationId endpoint in the admin API.

POST: /ccadmin/v1/applicationIds

{

"name": "MyApp",

"type": "application",

"roles": [

{

"sseAuthoringRole"

}

]

}