b2c-ecdn
B2C eCDN Skill
Use the b2c CLI plugin to manage eCDN (embedded Content Delivery Network) zones, certificates, security settings, and more.
Tip: If
b2cis not installed globally, usenpx @salesforce/b2c-cliinstead (e.g.,npx @salesforce/b2c-cli ecdn zones list).
Configuration
Values like tenantId resolve from dw.json / SFCC_* env vars / the active instance. Examples below show minimal usage; add flags only to override configured values. If a required value is missing, the CLI emits an actionable error pointing at the flag, env var, and config key. See the b2c-config skill for precedence details.
Prerequisites
- OAuth credentials with
sfcc.cdn-zonesscope (read operations) - OAuth credentials with
sfcc.cdn-zones.rwscope (write operations) - Tenant ID for your B2C Commerce organization (from config or
--tenant-id)
Examples
List CDN Zones
# list all CDN zones for the configured tenant
b2c ecdn zones list
# JSON output
b2c ecdn zones list --json
# target a different tenant than the active config
b2c ecdn zones list --tenant-id zzxy_prd
Create a Storefront Zone
# create a new storefront zone
b2c ecdn zones create --domain-name example.com
Purge Cache
# purge cache for specific paths
b2c ecdn cache purge --zone my-zone --path /products --path /categories
# purge by cache tags
b2c ecdn cache purge --zone my-zone --tag product-123 --tag category-456
Manage Certificates
# list certificates for a zone
b2c ecdn certificates list --zone my-zone
# add a new certificate
b2c ecdn certificates add --zone my-zone --hostname www.example.com --certificate-file ./cert.pem --private-key-file ./key.pem
# validate a custom hostname
b2c ecdn certificates validate --zone my-zone --certificate-id abc123
Security Settings
# get security settings
b2c ecdn security get --zone my-zone
# update security settings
b2c ecdn security update --zone my-zone --ssl-mode full --min-tls-version 1.2 --always-use-https
Speed Settings
# get speed optimization settings
b2c ecdn speed get --zone my-zone
# update speed settings
b2c ecdn speed update --zone my-zone --browser-cache-ttl 14400 --auto-minify-html --auto-minify-css
Additional Topics
For less commonly used eCDN features, see the reference files:
- SECURITY.md — WAF (v1 and v2), custom firewall rules, rate limiting, and Page Shield (CSP policies, script detection, notification webhooks)
- ADVANCED.md — Logpush jobs, MRT routing rules, mTLS certificates, cipher suite configuration, and origin header modification
Configuration Overrides
The tenant ID can be overridden via flag or environment variable:
--tenant-id/SFCC_TENANT_ID/tenantIdin dw.json
The --zone flag accepts either:
- Zone ID (32-character hex string)
- Zone name (human-readable, case-insensitive lookup)
OAuth Scopes
| Operation | Required Scope |
|---|---|
| Read operations | sfcc.cdn-zones |
| Write operations | sfcc.cdn-zones.rw |
More Commands
See b2c ecdn --help for a full list of available commands and options in the ecdn topic.
More from salesforcecommercecloud/b2c-developer-tooling
b2c-docs
Search and read B2C Commerce Script API documentation and XSD schemas using the b2c CLI. Use this skill whenever the user needs to look up class methods, understand API signatures, find available properties on commerce objects (baskets, orders, products, customers), or check XML schema formats for imports. Also use when writing server-side scripts and needing API reference — even if they just say "what methods does Basket have" or "what fields can I import for products".
116b2c-webdav
List, upload, download, and manage files on B2C Commerce instances via WebDAV. Use this skill whenever the user needs to upload files to IMPEX directories, download exports from an instance, list remote files, create or delete directories, or zip/unzip files on the server. Also use when managing file transfers to sandboxes or browsing instance file systems -- even if they just say 'upload a file to the instance' or 'check what's in the IMPEX folder'.
103b2c-slas-auth-patterns
Implement SLAS authentication patterns in B2C Commerce including passwordless login (email OTP, SMS OTP, passkeys), session bridging between PWA Kit/Storefront Next and SFRA, hybrid authentication (B2C 25.3+), token refresh flows, trusted system on behalf of (TSOB), and JWT validation. Use this skill whenever the user asks about shopper authentication beyond basic login, token exchange flows, passwordless or biometric auth, keeping sessions alive across storefronts, handling 409 Conflict errors on token endpoints, refreshing shopper tokens, or validating JWTs — even if they don't mention SLAS by name.
90b2c-config
Inspect and debug CLI configuration, instance connections, and authentication. Use this skill whenever the user needs to check which dw.json or credentials are active, manage multiple instance profiles, retrieve OAuth tokens for scripting, troubleshoot authentication failures or connection errors, or integrate with VS Code or other editors. Also use when environment variables override config or the wrong sandbox is being targeted -- even if they just say 'why is it connecting to the wrong instance' or 'get me an access token'.
90b2c-controllers
Create storefront controllers using SFRA or classic patterns with server.get/post, middleware chains, and res.render/json. Use this skill whenever the user needs to build a page route, handle form submissions, create AJAX endpoints, extend or override existing controllers, or add middleware to a request pipeline. Also use when debugging route registration or response rendering -- even if they just say 'new page endpoint' or 'handle a POST request'.
86b2c-scapi-schemas
Browse and retrieve SCAPI OpenAPI schema specifications. Use this skill whenever the user needs to list available SCAPI APIs, inspect endpoint paths or request/response shapes, explore data models for products or orders, check which fields an API returns, or understand SCAPI versioning. Also use when looking up API details before building an integration -- even if they just say 'what fields does the product API return' or 'show me the SCAPI endpoints'.
84