Merge main into t/commerce/W-20590941/mcp-server

Author: yhsieh1

.gitignore

@@ -25,3 +25,4 @@ docs/.vitepress/cache
 docs/api/
 
 dw.json
+dw.json*

AGENTS.md

@@ -1,7 +1,40 @@
+# B2C CLI
 
-- this is a monorepo project; packages:
-  - ./packages/b2c-cli - the command line interface built with oclif
-  - ./packages/b2c-tooling-sdk - the SDK/library for B2C Commerce operations; support the CLI and can be used standalone
+This is a monorepo project with the following packages:
+- `./packages/b2c-cli` - the command line interface built with oclif
+- `./packages/b2c-tooling-sdk` - the SDK/library for B2C Commerce operations; supports the CLI and can be used standalone
+
+## Common Commands
+
+```bash
+# Install dependencies
+pnpm install
+
+# Build all packages
+pnpm run build
+
+# Build specific package
+pnpm --filter @salesforce/b2c-cli run build
+pnpm --filter @salesforce/b2c-tooling-sdk run build
+
+# Run tests (includes linting)
+pnpm run test
+
+# Dev mode for CLI (uses source files directly)
+pnpm --filter @salesforce/b2c-cli run dev
+# or using convenience script
+./cli
+
+# Run tests for specific package
+pnpm --filter @salesforce/b2c-cli run test
+pnpm --filter @salesforce/b2c-tooling-sdk run test
+
+# Format code with prettier
+pnpm run -r format
+
+# Lint only (without tests)
+pnpm run -r lint
+```
 
 ## Setup/Packaging
 

README.md

@@ -3,7 +3,7 @@
 [![CI](https://github.com/SalesforceCommerceCloud/b2c-cli/actions/workflows/ci.yml/badge.svg)](https://github.com/SalesforceCommerceCloud/b2c-cli/actions/workflows/ci.yml)
 
 > [!NOTE]
-> This project is currently in **Developer Preview** and will be open sourced in the future.
+> This project is currently in **Developer Preview**. Not all features are implemented, and the API may change in future releases. Please provide feedback via GitHub issues and Unofficial Slack.
 
 Salesforce Commerce Cloud B2C Command Line Tools.
 

b2c_log_center_stream3.png

@@ -7,6 +7,7 @@ const guideSidebar = [
     items: [
       { text: 'Introduction', link: '/guide/' },
       { text: 'Installation', link: '/guide/installation' },
+      { text: 'Authentication Setup', link: '/guide/authentication' },
       { text: 'Configuration', link: '/guide/configuration' },
     ],
   },
@@ -15,9 +16,13 @@ const guideSidebar = [
     items: [
       { text: 'Overview', link: '/cli/' },
       { text: 'Code Commands', link: '/cli/code' },
+      { text: 'Job Commands', link: '/cli/jobs' },
       { text: 'Sites Commands', link: '/cli/sites' },
-      { text: 'Sandbox Commands', link: '/cli/sandbox' },
+      { text: 'WebDAV Commands', link: '/cli/webdav' },
+      { text: 'ODS Commands', link: '/cli/ods' },
       { text: 'MRT Commands', link: '/cli/mrt' },
+      { text: 'SLAS Commands', link: '/cli/slas' },
+      { text: 'Auth Commands', link: '/cli/auth' },
       { text: 'Logging', link: '/cli/logging' },
     ],
   },

docs/.vitepress/config.mts

@@ -0,0 +1,168 @@
+# Auth Commands
+
+Commands for authentication and token management.
+
+## b2c auth token
+
+Get an OAuth access token for use in scripts or other tools.
+
+### Usage
+
+```bash
+b2c auth token
+```
+
+### Flags
+
+| Flag | Environment Variable | Description |
+|------|---------------------|-------------|
+| `--client-id` | `SFCC_CLIENT_ID` | Client ID for OAuth |
+| `--client-secret` | `SFCC_CLIENT_SECRET` | Client Secret for OAuth |
+| `--scope` | `SFCC_OAUTH_SCOPES` | OAuth scopes to request (can be repeated) |
+| `--account-manager-host` | `SFCC_ACCOUNT_MANAGER_HOST` | Account Manager hostname (default: account.demandware.com) |
+
+### Examples
+
+```bash
+# Get a token with default scopes
+b2c auth token --client-id xxx --client-secret yyy
+
+# Get a token with specific scopes
+b2c auth token --scope sfcc.orders --scope sfcc.products
+
+# Output as JSON (useful for parsing)
+b2c auth token --json
+
+# Using environment variables
+export SFCC_CLIENT_ID=my-client
+export SFCC_CLIENT_SECRET=my-secret
+b2c auth token
+```
+
+### Output
+
+The command outputs the access token:
+
+```
+eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
+```
+
+With `--json`:
+
+```json
+{"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...","expires_in":1799}
+```
+
+### Use Cases
+
+#### Scripting
+
+Use the token in shell scripts:
+
+```bash
+TOKEN=$(b2c auth token)
+curl -H "Authorization: Bearer $TOKEN" https://my-instance.demandware.net/s/-/dw/data/v24_3/sites
+```
+
+#### CI/CD Pipelines
+
+Get a token for use with other tools:
+
+```bash
+export SFCC_TOKEN=$(b2c auth token --json | jq -r '.token')
+```
+
+#### Testing API Calls
+
+Quickly get a token for testing OCAPI or SCAPI:
+
+```bash
+b2c auth token | pbcopy  # macOS: copy to clipboard
+```
+
+---
+
+## Authentication Overview
+
+The CLI supports multiple authentication methods depending on the operation.
+
+### Account Manager API Client (OAuth)
+
+Most instance operations require an Account Manager API Client. The CLI supports two authentication methods:
+
+| Auth Method | When Used | Role Configuration |
+|-------------|-----------|-------------------|
+| User Authentication | Only `--client-id` provided | Roles on your **user account** |
+| Client Credentials | Both `--client-id` and `--client-secret` provided | Roles on the **API client** |
+
+```bash
+# User Authentication (opens browser for login)
+b2c ods list --client-id xxx
+
+# Client Credentials
+export SFCC_CLIENT_ID=my-client
+export SFCC_CLIENT_SECRET=my-secret
+b2c ods list
+```
+
+Used by:
+- Code management (`code list`, `code activate`, `code delete`)
+- Job operations (`job run`, `job search`, `job import`, `job export`)
+- Site operations (`sites list`)
+- ODS operations (requires `Sandbox API User` role)
+- SLAS operations (requires `SLAS Organization Administrator` or `Sandbox API User` role depending on auth method)
+
+### Basic Auth (WebDAV)
+
+WebDAV operations support Basic Auth using your Business Manager username and WebDAV access key:
+
+```bash
+export SFCC_USERNAME=my-user
+export SFCC_PASSWORD=my-webdav-access-key
+```
+
+Used by:
+- `code deploy` (file upload)
+- `code watch` (file upload)
+- `webdav` commands
+
+### MRT API Key
+
+Managed Runtime commands use a separate API key obtained from the MRT dashboard:
+
+```bash
+export SFCC_MRT_API_KEY=your-mrt-api-key
+```
+
+See [MRT Commands](./mrt#authentication) for details.
+
+### Mixed Authentication
+
+Some commands (like `code deploy` with `--reload`) require both OAuth and WebDAV access:
+
+```bash
+export SFCC_CLIENT_ID=my-client
+export SFCC_CLIENT_SECRET=my-secret
+export SFCC_USERNAME=my-user
+export SFCC_PASSWORD=my-access-key
+b2c code deploy --reload
+```
+
+### Configuration File
+
+Credentials can be stored in a `dw.json` file:
+
+```json
+{
+  "client-id": "my-client",
+  "client-secret": "my-secret",
+  "username": "my-user",
+  "password": "my-access-key"
+}
+```
+
+Use `--config` to specify a custom config file path, or `--instance` to select a named instance configuration.
+
+### Tenant Scope
+
+For ODS and SLAS operations, your API client must have tenant scope configured for the realm/organization you wish to manage. This is set up in Account Manager when creating or editing the API client.

docs/cli/auth.md

@@ -80,12 +80,12 @@ b2c code deploy [CARTRIDGEPATH]
 
 In addition to [global flags](./index#global-flags):
 
-| Flag | Short | Description | Default |
-|------|-------|-------------|---------|
-| `--reload` | `-r` | Reload (re-activate) code version after deploy | `false` |
-| `--delete` | | Delete existing cartridges before upload | `false` |
-| `--cartridge` | `-c` | Include specific cartridge(s) (can be repeated) | |
-| `--exclude-cartridge` | `-x` | Exclude specific cartridge(s) (can be repeated) | |
+| Flag | Description | Default |
+|------|-------------|---------|
+| `--reload`, `-r` | Reload (re-activate) code version after deploy | `false` |
+| `--delete` | Delete existing cartridges before upload | `false` |
+| `--cartridge`, `-c` | Include specific cartridge(s) (can be repeated) | |
+| `--exclude-cartridge`, `-x` | Exclude specific cartridge(s) (can be repeated) | |
 
 ### Examples
 
@@ -154,9 +154,9 @@ b2c code activate [CODEVERSION]
 
 In addition to [global flags](./index#global-flags):
 
-| Flag | Short | Description | Default |
-|------|-------|-------------|---------|
-| `--reload` | `-r` | Reload the code version (toggle activation to force reload) | `false` |
+| Flag | Description | Default |
+|------|-------------|---------|
+| `--reload`, `-r` | Reload the code version (toggle activation to force reload) | `false` |
 
 ### Examples
 
@@ -207,9 +207,9 @@ b2c code delete CODEVERSION
 
 In addition to [global flags](./index#global-flags):
 
-| Flag | Short | Description | Default |
-|------|-------|-------------|---------|
-| `--force` | `-f` | Skip confirmation prompt | `false` |
+| Flag | Description | Default |
+|------|-------------|---------|
+| `--force`, `-f` | Skip confirmation prompt | `false` |
 
 ### Examples
 
@@ -254,10 +254,10 @@ b2c code watch [CARTRIDGEPATH]
 
 In addition to [global flags](./index#global-flags):
 
-| Flag | Short | Description |
-|------|-------|-------------|
-| `--cartridge` | `-c` | Include specific cartridge(s) (can be repeated) |
-| `--exclude-cartridge` | `-x` | Exclude specific cartridge(s) (can be repeated) |
+| Flag | Description |
+|------|-------------|
+| `--cartridge`, `-c` | Include specific cartridge(s) (can be repeated) |
+| `--exclude-cartridge`, `-x` | Exclude specific cartridge(s) (can be repeated) |
 
 ### Examples
 

docs/cli/code.md

@@ -8,31 +8,39 @@ These flags are available on all commands that interact with B2C instances:
 
 ### Instance Flags
 
-| Flag | Short | Environment Variable | Description |
-|------|-------|---------------------|-------------|
-| `--server` | `-s` | `SFCC_SERVER` | B2C instance hostname |
-| `--webdav-server` | | `SFCC_WEBDAV_SERVER` | Separate WebDAV hostname (if different) |
-| `--code-version` | `-v` | `SFCC_CODE_VERSION` | Code version |
+| Flag | Environment Variable | Description |
+|------|---------------------|-------------|
+| `--server`, `-s` | `SFCC_SERVER` | B2C instance hostname |
+| `--webdav-server` | `SFCC_WEBDAV_SERVER` | Secure WebDAV hostname |
+| `--code-version`, `-v` | `SFCC_CODE_VERSION` | Code version |
 
 ### Authentication Flags
 
-| Flag | Short | Environment Variable | Description |
-|------|-------|---------------------|-------------|
-| `--client-id` | | `SFCC_CLIENT_ID` | OAuth client ID |
-| `--client-secret` | | `SFCC_CLIENT_SECRET` | OAuth client secret |
-| `--username` | `-u` | `SFCC_USERNAME` | Username for Basic Auth |
-| `--password` | `-p` | `SFCC_PASSWORD` | Password/access key for Basic Auth |
+| Flag | Environment Variable | Description |
+|------|---------------------|-------------|
+| `--client-id` | `SFCC_CLIENT_ID` | OAuth client ID |
+| `--client-secret` | `SFCC_CLIENT_SECRET` | OAuth client secret |
+| `--username`, `-u` | `SFCC_USERNAME` | Username for Basic Auth |
+| `--password`, `-p` | `SFCC_PASSWORD` | Password/access key for Basic Auth |
 
 ## Command Topics
 
+### Instance Operations
+
 - [Code Commands](./code) - Deploy cartridges and manage code versions
 - [Job Commands](./jobs) - Execute and monitor jobs, import/export site archives
 - [Sites Commands](./sites) - List and manage sites
-- [Sandbox Commands](./sandbox) - Create and manage sandboxes
-- [MRT Commands](./mrt) - Manage Managed Runtime environments
+- [WebDAV Commands](./webdav) - File operations on instance WebDAV
+
+### Services
+
+- [ODS Commands](./ods) - Create and manage On-Demand Sandboxes (ODS)
+- [MRT Commands](./mrt) - Manage Managed Runtime (MRT) projects and deployments
+- [SLAS Commands](./slas) - Manage Shopper Login and Access Service (SLAS) API clients
 
-## Configuration
+### Utilities
 
+- [Auth Commands](./auth) - Authentication and token management
 - [Logging](./logging) - Log levels, output formats, and environment variables
 
 ## Getting Help