Account Management API is now deprecated and we recommend that you use Account Management functionality built into Elastic Path Commerce 8.2 and later.
The merchandisers use Elastic Path Commerce Manager to configure store catalogs, pricing, and other store configurations. The seller administrators use the Account Management service to create and manage corporate accounts for buyer organizations and the divisions of these stores. The following diagram demonstrates the workflow for the buyer and seller within Account Management service:
Elastic Path Account Management service uses the open source identity and access management solution, Keycloak, for user authentication. Each user is authenticated with Keycloak when logged in to Account Management service. For more information, see the Keycloak documentation page.
Elastic Path Account Management APIs provide resources for managing buyer organizations, divisions, and sub-divisions. You can access the REST endpoint for the Elastic Path Account Management user interface, store fronts, and touch points.
Seller Admin Workflow
The seller administrators adds organization and the divisions as in the following workflow:
- The seller administrators logs in to the Account Management user interface with the credentials
- The seller admin is redirected to the Keycloak identity provider for authentication
- Browser is redirected back to the Account Management user interface with authentication code if authentication is successful. An error code or message is returned if authentication fails
- The Account Management user interface calls the Account Management APIs to create the organization or divisions or to add associates as required
- The Account Management API queries database to get the details of the existing organizations or to add the new organization configuration
- The Account Management service uses the division-based or organization-based pricing to map an associate shopping for a division to a specific customer that belongs to a customer segment to provide exclusive commerce experience for the division. For more information on how to setup this configuration, please read the user guide on pricing configuration
Buyer’s Shopping Worflow
Only an associate can shop on behalf of a division in B2B commerce. The following workflow provides list of activities in an associate shopping workflow:
- An associate logs in to the seller organization’s commerce site or storefront
- The associate is redirected to the Keycloak identity provider for authentication
- The associate enters user credentials in to the identity provider
- Browser is redirected back to the storefront with authentication code if authentication is successful. An error code or message is returned if authentication fails
- Storefront sends the authentication code to the Account Management API
- The Account Management API verifies the associate’s identity with the identity provider using the authentication code
- The Account Management API returns an access token to the storefront to access the storefront commerce shopping API
- The storefront uses the The Account Management API’s access token to query and select a division to shop
- The Account Management user interface returns an access token to the storefront for the selected role that the associate selects
- The storefront uses the shopping API access token to complete the shopping
Buyer Organization Configuration Workflow
Seller organizations can manage buyer organization hierarchy so that the buyer organization can shop on the seller organization storefront. Seller administrators can create organizations or divisions depending on the buyer organization structure. Seller administrators can also add associates to buyer organization with right roles and permissions to enable them to shop on behalf of that organization.
The following diagram illustrates the structure of an organization and the distribution of divisions and subdivision within it:
- The seller administrator creates the divisions and sub-divisions and assigns associates authorized to shop for specific divisions
- An organization might have an associate or multiple associates authorized to shop for specific divisions or all divisions in the organization. For each buyer organization, a list of associates is provided by the organization. The seller administrator uses this list to assign an associate to an organization, division, or sub-division depending on the requirement
- The seller administrator can add associates directly to a division and the associate is added to the organization’s associate list
- For example: when the seller administrator adds an associate, associate_123, to the sub-division 1 in Buyer Organization 2, the Account Management service adds the associate to the associate list of Buyer Organization 2
- Only seller administrator can add associates. A seller administrator cannot add a new seller administrator
- Seller organization with multiple stores have separate Account Management configuration for each store