Private store workflow

Understand the private store workflow.

The private store workflow is critical for managing exclusive shopping experiences for designated customer groups. It leverages specific access rules and robust authentication mechanisms to ensure only authorized customers can access and purchase within their dedicated private stores. This guide provides a comprehensive overview of the steps required to associate customers with their private stores, ensuring a seamless and secure shopping experience tailored to their needs.

The private store workflow streamlines associating customers with their designated private stores based on specific access rules. Only authenticated customers with the appropriate credentials can browse and purchase in their private store environment. Following the steps outlined in this topic, you can efficiently manage customer associations and maintain secure access to private store content.

This topic describes the private store workflow. This scenario assumes:

  • The site uses a public API key.

  • The site has multiple private stores, the private store ID and target market ID of which are unknown. If you know this information, the search step is optional.

  • You set up a single access rule to authorize customers based on their email domain.

  • Customer authentication is required to browse within a purchase plan. Authentication is a prerequisite if isAuthenticationRequiredToBrowse is set to true.

See Private stores and Managing private stores for more information.

How to associate a customer with a private store

To successfully associate a customer with a private store, you must follow a series of steps, including the search for an appropriate private store and the necessary authentication processes. This guide will walk you through the entire workflow, ensuring you can efficiently associate a customer with a private store based on predefined access rules and customer credentials.

Step 1. Search for a private store

When associating a customer with a private store, the first step is to search for the appropriate private store that matches the customer's email domain. This process involves sending a GET /v1/purchase-plan/search request to find available private stores based on predefined access rules. The search uses OR logic, allowing you to locate private stores using any valid configured access rule, such as email domain or IP address. This flexibility ensures you can efficiently find and match the correct private store for the customer.

To search for a private store, send a GET /v1/purchase-plan/search request to the Commerce API. Use the customer's email domain (emailDomain) or any other valid configured access rule to find matching private stores. The search uses OR logic for flexibility. See Private store query parameters for more information. Below is an example using cURL:

curl --location -g --request GET '' \--header 'Authorization: bearer {{access_token}}' \ 

You will receive a 200 OK response with details about the matching private store(s).

Step 2. Get an access token

In this step, you will obtain an access token to authenticate API requests when associating a customer with a private store. The access token provides the necessary permissions to interact with the Commerce API securely. Follow the instructions to send a GET /v1/token request using your public API key and retrieve the access token in JSON format.

You must send a GET /v1/oauth20/token request using your public API key to obtain an access token. This token allows you to authenticate API requests securely. Include the apiKey and format=json query parameters with your request. Below is an example using cURL:

curl --location -g --request GET ' apiKey=yourAPIkey&format=json' \--header 'Authorization: bearer {{access_token}}' \ 

You will receive a 200 OK response with the access token details in JSON format:

Step 3. Authorize a customer to access the private store

In this step, you will authorize customers to access a private store, allowing them to browse and purchase products with special permissions or discounts. You can authorize a customer by sending a POST /v1/shoppers/me/purchase-plan/authorize request with specific criteria in the payload, such as purchase plan ID and target market ID. A successful request will result in a 204 No Content response confirming that the customer can access the private store.

If the private store provides an overall product discount, the Products resource will reflect discounted prices and any associated offers. The Cart resource will also reflect discounted prices. In the event of an unsuccessful request, an error message will indicate

Successfully authorizing a customer to access a private store is a significant achievement. To do so, send a POST /v1/shoppers/me/purchase-plan/authorize request with the required criteria in the payload, such as purchase plan ID, target market ID, and optionally an email domain. Upon success, the response will be a 204 No Content, marking the customer's entry into the private store.

curl --location -g --request POST '' \
--header 'Authorization: bearer {{access_token}}' \ 
--data-raw '{
   "purchasePlanAuthorize": {
      "id": "11858700",
      "targetMarketId": "35100",
      "emailDomain": ""
    "purchasePlanAuthorize": {
      "id": "11858700",
      "targetMarketId": "35100",
      "emailDomain": ""

Subsequent calls in the workflow could include:

Last updated