The seller administrators use the Account Management service to create and manage corporate accounts and sub-accounts for buyer organizations and the entities within the buyer organization. The following diagram demonstrates the workflow for the buyer and seller within Account Management service:
Elastic Path Account Management service uses the open source identity and access management solution, Keycloak, for user authentication. Each user is authenticated with Keycloak when logged in to Account Management service. For more information, see the Keycloak documentation page.
Elastic Path Account Management APIs provide resources for managing accounts and sub-accounts within the buyer organizations. You can access the REST endpoint for the Elastic Path Account Management user interface, store fronts, and touch points.
The merchandisers use Elastic Path Commerce Manager to configure store catalogs, pricing, and other store configurations required for each account. Each account in a buyer organization might have specific pricing depending on contract agreements, initial negotiations, or initial terms and conditions.Â
Seller Administrator Workflow
The seller administrators adds accounts and sub-accounts as in the following workflow:
- The seller administrators logs in to the Account Management user interface with the credentials.
- The seller administrator is redirected to the Keycloak identity provider for authentication.
- Browser is redirected back to the Account Management user interface with authentication code if authentication is successful. An error code or message is returned if authentication fails.
- The Account Management user interface calls the Account Management APIs to create an account for the buyer organization or to add associates as required. All other accounts and sub-accounts for various entities within the buyer organization are created within this account.
- The Account Management API queries database to get the details of the existing accounts or to add the new account configuration.
- The Account Management service uses the account specific pricing to map an associate shopping for an account to a specific customer that belongs to a customer segment to provide exclusive commerce experience for the account. For more information about account specific pricing configuration, see the Pricing documentation.
Buyer Associate Shopping Workflow
Only a buyer associate can shop on behalf of an account in B2B commerce. For more information about various user roles, see the Roles and Permissions section. The following workflow provides list of activities in an associate shopping workflow:
- An associate logs in to commerce site or storefront of the seller organization.
- The associate is redirected to the Keycloak identity provider for authentication.
- The associate enters user credentials in to the identity provider.
- Browser is redirected back to the storefront with authentication code if authentication is successful. An error code or message is returned if authentication fails.
- Storefront sends the authentication code to the account management API.
- The account management API verifies the identity of the associate with the identity provider using the authentication code.
- The account management API returns an access token to the storefront to access the storefront commerce shopping API.
- The storefront uses the access token of the account management API to query and select a an account to shop.
- The Account Management user interface returns an access token to the storefront for the selected role that the associate selects.
- The storefront uses the shopping API access token to complete the shopping.
Buyer Organization Configuration Workflow
A buyer organizations can manage the account hierarchy with which the organization shops on the seller organization storefront. Seller administrators can create accounts and sub-accounts depending on the buyer organization structure. Seller administrators can also add associates to each account in the buyer organization with right roles and permissions to enable them to shop on behalf of that account.
The following diagram illustrates the structure of an organization and the distribution of accounts and sub-accounts within it:
- The seller administrator creates the accounts and sub-accounts and assigns associates authorized to shop for specific account.
- An organization might have an associate or multiple associates authorized to shop for a specific account. For each buyer organization, a list of associates is provided by the organization. The seller administrator uses this list to assign an associate to an an account depending on the requirement
- The seller administrator can add associates directly to an account and the associate is added to the associate list of the account.
- For example, when the seller administrator adds an associate, associate_123 to the account 1 in Buyer Organization 2, the Account Manager service adds the associate to the associate list of Buyer Organization 2
- Each account in Account Management service has a list of associates assigned to the account.
- Seller organization with multiple stores have separate Account Management configuration for each store.