Clear understanding - B2B Commerce Store Setup in Lightning Experience - Blog - 6.1

There are many documents that helps us to set up Store in B2B Commerce on Lightning Experience but do we really understand the steps or just focus on creating a STORE ?? 

Here, we will know the steps with proper understanding in an easy way and will also clear your interview questions and answers.

1. You need to enable Digital Experience before creating a Store, but why ?
    - It allows a Store to use Experience Cloud functionality.
    - Also, it automatically extends access to external members.

2. You need to enable Commerce feature and Order settings, but why ?
    - Commerce feature provides your Store objects and workspaces.
    - Order settings allows your Store to purchase. Once enabled, cannot be disabled later on.

3. You need to configure sharing settings for commerce objects.

4. You need to customize commerce object page layouts.
    - Product page layout includes : 
        Product SKU
        Categories
        Commerce Entitlements
    - Add related list to the account page which makes easier to manage accounts.
    - Add Buyer info to the Account detail page.

5. We need to configure internal users as several of them are involved in creating Stores. We need to create a profile for them and then use it to create users, assigning the appropriate  permission set for each type of users.

6. To allow self registration on stores to work correctly, all internal users who creates stores are assigned to a role.

7. Permission sets for Buyers, Buyer Managers, Account Switchers :
- Preconfigured permission sets for buyers and buyer managers are provided which allows them to access the Store and everything.
- Buyer Managers can manage contacts and reports.
- Account Switcher permission set can be created that allows buyers/buyer managers to switch between Accounts.
   

8. Note the differences :

User based on Buyer Manager permission sets can Create/Read/Edit/Delete addresses on the Accounts they have access to.	User based on buyer permission sets have only read access to addresses on the other accounts.
Buyer Managers and Account Switchers requires a Customer Community Plus License or a license with a higher level of privileges.	Buyer users requires a Customer Community License or a license with a higher level of privileges.

        

9. Set your Default External Access Sharing settings in OWDs to Private on Product records for all commerce use cases because as you know there are multiple Stores or both Stores and other Experience Cloud sites, its possible for authenticated users to use a SOQL query and discover all your products regardless of any entitlements you have set up. Also, they cannot see prices nor purchased products.

10. For most secure setup for external users, don't grant access to products and other commerce objects at profile level. Instead, grant access to objects through a permission set that is only assigned to buyers and buyer managers.

11. What is MFA ? 

Multifactor Authentication (MFA) increases protection for user accounts against common threats like phishing attacks, credential stuffing and account takeovers. 

12. When and why it is necessary to enable HttpOnly attribute ? 

If we want to add third-party scripts and components to your Store and make it impossible for these scripts and components to directly access the session ID (SID) cookie using JavaScript. 

To prevent attackers from hijacking your session or initiating cross-site scripting, we need to enable the "Require HttpOnly attribute" setting. 

13. What is Custom Domain and CDN ? 

The custom domain is a subdomain of a top-level domain. Example, if your top-level domain is example.com, your subdomain is something like store.example.com. 

Your top-level domain is hosted externally from Salesforce and both the domains must be registered with a third party(Ex. GoDaddy or Verisign). 

14. How to get your org ready for B2B Commerce on Lightning Experience.

• Enable Digital Experiences for Commerce, Commerce features, Order settings, Person Accounts.
• Configure Sharing Settings, Internal Users.
• Customize Commerce Object Page Layouts, Commerce App.
• Configure Permission sets for Buyers, Buyer Managers and Account Switchers. 
• Do Multifactor Authentication.
• Prevent Third-party attacks on your Store.
• Configure a  Custom Domain and CDN.
• Install Commerce Reports to track Commerce Orders.

Resource : https://resources.docs.salesforce.com/latest/latest/en-us/sfdc/pdf/b2b_standalone_setup.pdf