b2c-ecdn

star 45

Manage eCDN zones, security settings, and edge configuration for B2C Commerce storefronts. Use this skill whenever the user needs to purge CDN cache, provision SSL certificates, configure WAF or firewall rules, set up rate limiting, enable logpush or Page Shield, manage MRT routing, configure mTLS or cipher suites, or optimize edge performance. Also use when troubleshooting CDN-layer issues or managing zone settings -- even if they just say 'clear the cache' or 'block bot traffic on our storefront'.

SalesforceCommerceCloud By SalesforceCommerceCloud schedule Updated 6/11/2026
play_arrow Run Skill in Manus View GitHub

name: b2c-ecdn description: Manage eCDN zones, security settings, and edge configuration for B2C Commerce storefronts. Use this skill whenever the user needs to purge CDN cache, provision SSL certificates, configure WAF or firewall rules, set up rate limiting, enable logpush or Page Shield, manage MRT routing, configure mTLS or cipher suites, or optimize edge performance. Also use when troubleshooting CDN-layer issues or managing zone settings -- even if they just say 'clear the cache' or 'block bot traffic on our storefront'.

B2C eCDN Skill

Use the b2c CLI plugin to manage eCDN (embedded Content Delivery Network) zones, certificates, security settings, and more.

Tip: If b2c is not installed globally, use npx @salesforce/b2c-cli instead (e.g., npx @salesforce/b2c-cli ecdn zones list).

Configuration

Values like tenantId, clientId, and clientSecret resolve from dw.json / SFCC_* env vars / the active instance / configuration plugins. Examples below show minimal usage; add flags only to override configured values — passing --client-id/--client-secret/--tenant-id is usually unnecessary. If a required value is missing, the CLI emits an actionable error pointing at the flag, env var, and config key.

Run b2c setup inspect to see the resolved configuration and which source provided each value (--json for scripting, --unmask to reveal secrets). For precedence rules and troubleshooting, see the b2c-cli:b2c-config skill.

Prerequisites

  • OAuth credentials with sfcc.cdn-zones scope (read operations)
  • OAuth credentials with sfcc.cdn-zones.rw scope (write operations)
  • Tenant ID for your B2C Commerce organization (from config or --tenant-id)

Examples

List CDN Zones

# list all CDN zones for the configured tenant
b2c ecdn zones list

# JSON output
b2c ecdn zones list --json

# target a different tenant than the active config
b2c ecdn zones list --tenant-id zzxy_prd

Create a Storefront Zone

# create a new storefront zone
b2c ecdn zones create --domain-name example.com

Purge Cache

# purge cache for specific paths
b2c ecdn cache purge --zone my-zone --path /products --path /categories

# purge by cache tags
b2c ecdn cache purge --zone my-zone --tag product-123 --tag category-456

Manage Certificates

# list certificates for a zone
b2c ecdn certificates list --zone my-zone

# add a new certificate
b2c ecdn certificates add --zone my-zone --hostname www.example.com --certificate-file ./cert.pem --private-key-file ./key.pem

# validate a custom hostname
b2c ecdn certificates validate --zone my-zone --certificate-id abc123

Manage Rate Limiting Rules

# list rate limiting rules
b2c ecdn rate-limit list --zone my-zone

# create a rate limiting rule
b2c ecdn rate-limit create --zone my-zone --description "Rate limit /checkout" --expression '(http.request.uri.path matches "^/checkout")' --characteristics cf.unique_visitor_id --action block --period 60 --requests-per-period 50 --mitigation-timeout 600

# get a rule
b2c ecdn rate-limit get --zone my-zone --rule-id 2c0fc9fa937b11eaa1b71c4d701ab86e

# update a rule
b2c ecdn rate-limit update --zone my-zone --rule-id 2c0fc9fa937b11eaa1b71c4d701ab86e --requests-per-period 100

# delete a rule
b2c ecdn rate-limit delete --zone my-zone --rule-id 2c0fc9fa937b11eaa1b71c4d701ab86e --force

Security Settings

# get security settings
b2c ecdn security get --zone my-zone

# update security settings
b2c ecdn security update --zone my-zone --ssl-mode full --min-tls-version 1.2 --always-use-https

Speed Settings

# get speed optimization settings
b2c ecdn speed get --zone my-zone

# update speed settings
b2c ecdn speed update --zone my-zone --browser-cache-ttl 14400 --auto-minify-html --auto-minify-css

Additional Topics

For less commonly used eCDN features, see the reference files:

  • SECURITY.md — WAF (v1 and v2), custom firewall rules, rate limiting, and Page Shield (CSP policies, script detection, notification webhooks)
  • ADVANCED.md — Logpush jobs, MRT routing rules, mTLS certificates, cipher suite configuration, and origin header modification

Configuration Overrides

The tenant ID can be overridden via flag or environment variable:

  • --tenant-id / SFCC_TENANT_ID / tenantId in dw.json

The --zone flag accepts either:

  • Zone ID (32-character hex string)
  • Zone name (human-readable, case-insensitive lookup)

OAuth Scopes

Operation Required Scope
Read operations sfcc.cdn-zones
Write operations sfcc.cdn-zones.rw

More Commands

See b2c ecdn --help for a full list of available commands and options in the ecdn topic.

Install via CLI
npx skills add https://github.com/SalesforceCommerceCloud/b2c-developer-tooling --skill b2c-ecdn
Repository Details
star Stars 45
call_split Forks 11
navigation Branch main
article Path SKILL.md
More from Creator
SalesforceCommerceCloud
SalesforceCommerceCloud Explore all skills →