documentation updates

Author: clavery

AGENTS.md

@@ -20,6 +20,11 @@ pnpm --filter @salesforce/b2c-tooling-sdk run build
 # Run tests (includes linting)
 pnpm run test
 
+# Dev mode for CLI (uses source files directly)
+pnpm --filter @salesforce/b2c-cli run dev
+# or using convenience script
+./cli
+
 # Run tests for specific package
 pnpm --filter @salesforce/b2c-cli run test
 pnpm --filter @salesforce/b2c-tooling-sdk run test
@@ -29,9 +34,6 @@ pnpm run -r format
 
 # Lint only (without tests)
 pnpm run -r lint
-
-# Run CLI in development mode
-./packages/b2c-cli/bin/dev.js <command>
 ```
 
 ## Setup/Packaging

README.md

@@ -3,7 +3,7 @@
 [![CI](https://github.com/SalesforceCommerceCloud/b2c-cli/actions/workflows/ci.yml/badge.svg)](https://github.com/SalesforceCommerceCloud/b2c-cli/actions/workflows/ci.yml)
 
 > [!NOTE]
-> This project is currently in **Developer Preview** and will be open sourced in the future.
+> This project is currently in **Developer Preview**. Not all features are implemented, and the API may change in future releases. Please provide feedback via GitHub issues and Unofficial Slack.
 
 Salesforce Commerce Cloud B2C Command Line Tools.
 

docs/cli/auth.md

@@ -0,0 +1,145 @@
+# Auth Commands
+
+Commands for authentication and token management.
+
+## b2c auth token
+
+Get an OAuth access token for use in scripts or other tools.
+
+### Usage
+
+```bash
+b2c auth token
+```
+
+### Flags
+
+| Flag | Environment Variable | Description |
+|------|---------------------|-------------|
+| `--client-id` | `SFCC_CLIENT_ID` | Client ID for OAuth |
+| `--client-secret` | `SFCC_CLIENT_SECRET` | Client Secret for OAuth |
+| `--scope` | `SFCC_OAUTH_SCOPES` | OAuth scopes to request (can be repeated) |
+| `--account-manager-host` | `SFCC_ACCOUNT_MANAGER_HOST` | Account Manager hostname (default: account.demandware.com) |
+
+### Examples
+
+```bash
+# Get a token with default scopes
+b2c auth token --client-id xxx --client-secret yyy
+
+# Get a token with specific scopes
+b2c auth token --scope sfcc.orders --scope sfcc.products
+
+# Output as JSON (useful for parsing)
+b2c auth token --json
+
+# Using environment variables
+export SFCC_CLIENT_ID=my-client
+export SFCC_CLIENT_SECRET=my-secret
+b2c auth token
+```
+
+### Output
+
+The command outputs the access token:
+
+```
+eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
+```
+
+With `--json`:
+
+```json
+{"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...","expires_in":1799}
+```
+
+### Use Cases
+
+#### Scripting
+
+Use the token in shell scripts:
+
+```bash
+TOKEN=$(b2c auth token)
+curl -H "Authorization: Bearer $TOKEN" https://my-instance.demandware.net/s/-/dw/data/v24_3/sites
+```
+
+#### CI/CD Pipelines
+
+Get a token for use with other tools:
+
+```bash
+export SFCC_TOKEN=$(b2c auth token --json | jq -r '.token')
+```
+
+#### Testing API Calls
+
+Quickly get a token for testing OCAPI or SCAPI:
+
+```bash
+b2c auth token | pbcopy  # macOS: copy to clipboard
+```
+
+---
+
+## Authentication Overview
+
+The CLI supports multiple authentication methods depending on the operation:
+
+### OAuth Client Credentials
+
+Most commands use OAuth client credentials authentication:
+
+```bash
+export SFCC_CLIENT_ID=my-client
+export SFCC_CLIENT_SECRET=my-secret
+```
+
+Required for:
+- Code management (`code list`, `code activate`, `code delete`)
+- Job operations (`job run`, `job search`, `job import`, `job export`)
+- Site operations (`sites list`)
+- ODS operations
+- SLAS operations
+- MRT operations
+
+### Basic Auth (WebDAV)
+
+WebDAV operations support Basic Auth for better performance:
+
+```bash
+export SFCC_USERNAME=my-user
+export SFCC_PASSWORD=my-access-key
+```
+
+Used by:
+- `code deploy` (file upload)
+- `code watch` (file upload)
+- `webdav` commands
+
+### Mixed Authentication
+
+Some commands (like `code deploy`) require both OAuth and WebDAV access. You can provide both:
+
+```bash
+export SFCC_CLIENT_ID=my-client
+export SFCC_CLIENT_SECRET=my-secret
+export SFCC_USERNAME=my-user
+export SFCC_PASSWORD=my-access-key
+b2c code deploy --reload
+```
+
+### Configuration File
+
+Credentials can also be stored in a `dw.json` file:
+
+```json
+{
+  "client-id": "my-client",
+  "client-secret": "my-secret",
+  "username": "my-user",
+  "password": "my-access-key"
+}
+```
+
+Use `--config` to specify a custom config file path, or `--instance` to select a named instance configuration.

docs/cli/index.md

@@ -11,7 +11,7 @@ These flags are available on all commands that interact with B2C instances:
 | Flag | Short | Environment Variable | Description |
 |------|-------|---------------------|-------------|
 | `--server` | `-s` | `SFCC_SERVER` | B2C instance hostname |
-| `--webdav-server` | | `SFCC_WEBDAV_SERVER` | Separate WebDAV hostname (if different) |
+| `--webdav-server` | | `SFCC_WEBDAV_SERVER` | Secure WebDAV hostname |
 | `--code-version` | `-v` | `SFCC_CODE_VERSION` | Code version |
 
 ### Authentication Flags
@@ -25,14 +25,22 @@ These flags are available on all commands that interact with B2C instances:
 
 ## Command Topics
 
+### Instance Operations
+
 - [Code Commands](./code) - Deploy cartridges and manage code versions
 - [Job Commands](./jobs) - Execute and monitor jobs, import/export site archives
 - [Sites Commands](./sites) - List and manage sites
-- [Sandbox Commands](./sandbox) - Create and manage sandboxes
-- [MRT Commands](./mrt) - Manage Managed Runtime environments
+- [WebDAV Commands](./webdav) - File operations on instance WebDAV
+
+### Services
+
+- [ODS Commands](./ods) - Create and manage On-Demand Sandboxes (ODS)
+- [MRT Commands](./mrt) - Manage Managed Runtime (MRT) projects and deployments
+- [SLAS Commands](./slas) - Manage Shopper Login and Access Service (SLAS) API clients
 
-## Configuration
+### Utilities
 
+- [Auth Commands](./auth) - Authentication and token management
 - [Logging](./logging) - Log levels, output formats, and environment variables
 
 ## Getting Help