Skip to main content

Learn
Downloads
Changelog
Roadmap

Search in the table of contents...

Sitecore Experience Commerce

Sitecore Experience Commerce

Commerce Service API

Sitecore Experience Commerce
Commerce developer reference
Commerce Core
Commerce Service API
Security

Security

Version:

Security in Sitecore Experience Commerce is based on specific authenticated identities and uses bearer token authentication. Security is enforced at the controller level, and is based on a user's Sitecore credentials. Every user must be authenticated to be able to call any controller from the Commerce Engine.

If you have suggestions for improving this article, let us know!

© Copyright 2026, Sitecore A/S or a Sitecore affiliated company.
All rights reserved.

Privacy policy Sitecore Trust Center Terms of use