Spryker documentation center. https://docs.spryker.com/ Wed, 29 Apr 2026 13:15:59 +0000 Jekyll v4.2.2 Packaged Business Capabilities (PBCs) are capabilities that enclose a certain functionality with the Spryker system. PBCs provide a good foundation for decision makers throughout multiple business entities. This section is in beta because not all the PBCs are covered. Marketplace functionalities will also be added at a later stage. You are welcome to use the docs that are already here, and we will keep adding the docs for the rest of the PBCs. ## Spryker PBCs | NAME | DESCRIPTION | BENEFITS | | --- | --- | --- | | [AI Foundation](/docs/pbc/all/ai-foundation/{{site.version}}/ai-foundation.html) | Provider agnostic AI layer that connects Spryker Commerce OS to leading AI providers through one common interface. | Accelerates delivery of AI features and keeps freedom to choose and change AI providers and models per use case. | | [AI Commerce](/docs/pbc/all/ai-commerce/{{site.version}}/ai-commerce.html) | Brings AI assisted capabilities to the Spryker storefront and Backoffice to help buyers and operators complete commerce tasks faster and more consistently, reducing manual effort with human review and enterprise governance. | Speeds up key commerce workflows while improving consistency and reducing errors, enabling scalable adoption of assisted capabilities across teams and markets. | | [Business Intelligence](/docs/pbc/all/business-intelligence/{{site.version}}/business-intelligence.html) | Analyze data to understand how your shop performs and areas for improvement. | Make informed decisions. | | [Carrier Management](/docs/pbc/all/carrier-management/{{site.version}}/carrier-management.html) | The Spryker Cloud Commerce OS integrates with several shipping carriers and methods and lets you define their availability, price, and tax set. During the checkout process, customers have the option to select their preferred shipment method and relevant carrier. | Ensures quick and cost-effective delivery. | | [Cart and Checkout](/docs/pbc/all/cart-and-checkout/{{site.version}}/cart-and-checkout.html) | The online shopping cart and checkout process act as a gateway for customer and order management. It lets your customers organize and manage their purchases, apply vouchers and coupon codes. Based on their roles and permissions, your B2B customers can add or remove products, share the cart, and manage their purchases. | Increases conversion rates and reduces drop-off rates. Offers additional B2B specific, permission-related functionalities. | | [Content Management System (CMS)](/docs/pbc/all/content-management-system/{{site.version}}/content-management-system.html) | The CMS features let you customize your store, enrich it with information, stories, or other content, and make it easily findable in search engines. Several SEO features enable you to add customized meta information to all your content and create search engine-friendly URLs. | Provides compelling content and stories where your customers need it. | | [Customer Relationship Management (CRM)](/docs/pbc/all/customer-relationship-management/{{site.version}}/customer-relationship-management.html) | The customer management tool lets B2B and B2C businesses manage customer accounts and efficiently monitor shopping habits. It provides your B2B Customers with a way to map their business hierarchies, permissions, and role management. With the creation of distinctive Business Units, the internal hierarchy can easily be mapped out, and each Unit can operate independently. The Roles and Permissions System lets your customer's buyers define the purchase and approval process. | Increases conversion rates and average order values with a compact Customer Relationship Management tool. | | [Data Exchange](/docs/pbc/all/data-exchange/{{site.version}}/data-exchange.html) | You can import your business logic and data, including product information, customer base, categories, and more, into the Spryker Cloud Commerce OS. You can use the out-of-the-box export data functionality as a generic blueprint for any data set that you need to export. | Lets you import and export specific data points quickly and easily. | | [Discount Management](/docs/pbc/all/discount-management/{{site.version}}/discount-management.html) | You can define several types of discounts based on a brand, the overall cart value, specific product ranges, or unique customer groups. You can also offer discount vouchers or incentivize certain products through coupon codes. | Lets you run effective promotional campaigns to boost conversion rates. | | [Dynamic Multistore](/docs/pbc/all/dynamic-multistore/{{site.version}}/dynamic-multistore.html) | Manage stores in the Back Office | Make changes to your stores setup quickly and easily. | | [Emails](/docs/pbc/all/emails/{{site.version}}/emails.html) | You can send automated account e-mails and confirmations or offer different types of newsletter subscriptions. | Keep in touch with your customers. | | [Gift Cards](/docs/pbc/all/gift-cards/{{site.version}}/gift-cards.html) | Lets your customers purchase and redeem gift cards. Enabling gift card purchases can boost your brand awareness and help you reach new customers. | Lets you acquire new customers through gift card payment options. | | [Identity Access Management (IAM)](/docs/pbc/all/identity-access-management/{{site.version}}/identity-access-management.html) | Enables the creation of new accounts for end customers and B2B customers. It also allows users to define password settings and utilize multi-login blockers for security purposes. Moreover, a third-party access management function is integrated. | Allows for quick and easy authorization and authentication of customers | | [Merchant Management](/docs/pbc/all/merchant-management/{{site.version}}/merchant-management.html) | For efficient Merchant Management, two parts are important. One, the overview and management on the Operator side, like approvals, edits, etc. And two, the self-service management of the Merchants, where they can take care of their daily business, like order or product management. | Gives you an overview of all your Merchants' activities. | | Miscellaneous | This category holds the documents that are not related to any PBC. | | | [Offer Management](/docs/pbc/all/offer-management/{{site.version}}/offer-management.html) | Lets your Merchants create Offers on existing products in your Marketplace. By doing so, duplicates in the product catalog can be avoided and the management of Merchants, Products, and Offers becomes much more convenient. | Saves time because of a good overview of Merchant's Offers. | | [Order Management System (OMS)](/docs/pbc/all/order-management-system/{{site.version}}/order-management-system.html) | Helps you keep track of your order processing from your B2B, B2C, or Marketplace, and ensure quick fulfillment. You can manage incoming orders in the Back Office, view and edit orders, track their progress, or contact customers who make open orders directly. With the compact Order Management features, you can keep your order processing running smoothly. | Lets you pProcess orders smoothly to fulfill them quickly. | | [Payment Service Provider (PSP)](/docs/pbc/all/payment-service-provider/{{site.version}}/payment-service-provider.html) | Provides integration of payment methods. You can integrate multiple payment gateways, define their availability, and customize how they appear on your site. | Lets you provide an excellent shopping experience and integrate your customers' preferred payment methods. | | [Price Management](/docs/pbc/all/price-management/{{site.version}}/price-management.html) | The Spryker Cloud Commerce OS supports multiple currencies and automatically detects the payment currency based on a customer's preference. You can manage gross and net prices per product and per country. You can also offer volume discounts to encourage customers to purchase products in larger quantities. | Saves you time by letting you implement your pricing strategy in one place and catering it to your business needs. | | [Product Information Management (PIM)](/docs/pbc/all/product-information-management/{{site.version}}/product-information-management.html) | Encompasses all functionality that is needed to set up your product catalog. With PIM, you can create and extend the product catalog to match your business needs. | Helps you expand your business by organizing your products in a fast and efficient way. | | [Product Relationship Management](/docs/pbc/all/product-relationship-management/{{site.version}}/product-relationship-management.html) | Helps you enhance your shop with cross- and up-selling capabilities to increase sales. | Increases average order values with product relations. | | [Ratings and Reviews](/docs/pbc/all/ratings-reviews/{{site.version}}/ratings-and-reviews.html) | Lets you incorporate user reviews and ratings. You can receive and moderate feedback in the Back Office. The Ratings and Reviews feature also comes with the functionality to add text-free reviews and star ratings. | Inspires trust among customers with ratings and reviews. | | [Request for Quote (RFQ)](/docs/pbc/all/request-for-quote/{{site.version}}/request-for-quote.html) | Your customers can request a quote for products and services that you sell. The Request for Quote feature supports all functionalities of the price engine and product capabilities, such as Volume Prices, Customer Specific Prices, Measuring and Packaging units, Shipping costs, Product Options, etc. | Enhances customer loyalty and increase conversion rates. | | [Return Management](/docs/pbc/all/return-management/{{site.version}}/marketplace/marketplace-return-management-feature-overview.html) | Lets you establish a return policy and execute returns. | Increase customer satisfaction and loyalty. | | [Search](/docs/pbc/all/search/{{site.version}}/base-shop/search-feature-overview/search-feature-overview.html) | The out-of-the-box Elasticsearch technology lets you include full-text search, auto-suggestions, and auto-completion. You can set individual search preferences for multiple stores and categorize your products by adding dynamic filters and facets to help your customers further refine the search results. You can also add more advanced filters that use the product's metadata or promote a brand's top-sellers or highly rated products. | Helps you increase conversion rates by providing an excellent Search and Filter experience. | | [Service Points Management](/docs/pbc/all/service-point-management/{{site.version}}/service-point-management.html) | Set up offline service points where customers can interact with your business. | Creates touch points to connect a shop with offline locations. | | [Shopping List and Wishlist](/docs/pbc/all/shopping-list-and-wishlist/{{site.version}}/shopping-list-and-wishlist.html) | Your B2B customers can save the products they wish to purchase, in shopping lists. Different roles and permission systems ensure smooth sharing and contribution management amongst company users. This PBC encompasses additional features like printing, barcode generation, and direct-to-cart. Enabling your B2C customers to track and save the products they wish to purchase through a wish list function effectively reduces cart abandonment, boosts your sales, and allows you to keep track of which products are of interest to your customers. | Lets you increase conversion rates and loyalty by offering rich Shopping and B2B Wish Lists. | | [Tax Management](/docs/pbc/all/tax-management/{{site.version}}/tax-management.html) | Lets you adhere to respective tax regulations in the countries you sell by configuring and managing tax rates for products, shipments, and additional services. You can define tax rates for different countries and apply integrations to manage US taxes. | Lets you comply with fiscal regulations. | | [User Management](/docs/pbc/all/user-management/{{site.version}}/user-management.html) | Lets the Back Office users manage user access, set rights, and onboard customers. | Ensures high security and compliance through managed user flows. | | [Warehouse Management System (WMS)](/docs/pbc/all/warehouse-management-system/{{site.version}}/warehouse-management-system.html) | Lets you keep an overview of your stock levels in the Back Office to determine accurate availabilities on your store's website. Any open orders or reserved items are taken into consideration when stock availabilities are displayed. | Helps you save your time by keeping an eye on your stock levels. | <!-- | Digital Asset Management (DAM) | The DAM system provides impactful visuals while simultaneously maintaining fast response times, thus helping you reduce your bounce rate effectively and create an enhanced shopping experience. With the DAM, you can add images and videos to any of your pages. | Offers an exceptional brand experience with impactful visuals, banners, and media assets. | --> ### Application PBCs | NAME | DESCRIPTION | BENEFITS | | --- | --- | --- | | Back Office | The administration interface that allows you to manage all back-office tasks. In the Back Office, you can manage and create customer accounts and define who can access the Back Office. You can also keep track of all your internal processes including the management of your products, orders, customers and many more. | Keeps your back-end processes running efficiently, protects your data and administers all accounts. | | Storefront | The out-of-the-box online shop application that includes all regular functionalities and workflows. You can use the Storefront as a boilerplate to kick-start your project. | Lets you easily start your online shop from our boilerplate solution. | ## App Composition Platform apps <div class="width-100"> | APP | CATEGORY | | --- | --- | | [Vertex](/docs/pbc/all/tax-management/{{site.version}}/base-shop/third-party-integrations/vertex/vertex.html) | Tax compliance. | | [Algolia](/docs/pbc/all/search/{{site.version}}/base-shop/third-party-integrations/algolia/integrate-algolia.html) | Search engine. | | [Payone](/docs/pbc/all/payment-service-providers/payone/integrate-payone.html) | Payment service provider. | | [Bazaarvoice](/docs/pbc/all/ratings-reviews/{{site.version}}/third-party-integrations/integrate-bazaarvoice.html) | Platform for user-generated content. | | [Stripe](/docs/pbc/all/payment-service-provider/{{site.version}}/base-shop/third-party-integrations/stripe/stripe.html) | Financial infrastructure platform. | </div> Wed, 29 Apr 2026 10:34:52 +0000 https://docs.spryker.com/docs/pbc/all/pbc.html https://docs.spryker.com/docs/pbc/all/pbc.html <p>AI Commerce brings AI-powered capabilities to your Spryker storefront and back office, reducing manual effort for buyers and shop operators, accelerating commerce workflows. Features are built on the <code>AiFoundation</code> abstraction layer, so the underlying AI model can be swapped or configured per feature without changing application code.</p> <h2 id="features">Features</h2> <table> <thead> <tr> <th>FEATURE</th> <th>DESCRIPTION</th> </tr> </thead> <tbody> <tr> <td><a href="/docs/pbc/all/ai-commerce/latest/smart-pim.html">Smart PIM</a></td> <td>Help catalog managers enrich product information directly in the Backoffice PIM. Get guided suggestions to speed up day-to-day catalog work, improve consistency across markets and languages, and keep full control through human review and auditability.</td> </tr> <tr> <td><a href="/docs/pbc/all/ai-commerce/latest/visual-add-to-cart.html">Visual Add to Cart</a></td> <td>Lets buyers upload a product image on the Quick Order page. AI recognizes the products in the image and pre-fills the order form with matching SKUs and quantities — enabling rapid bulk ordering without manual entry.</td> </tr> <tr> <td><a href="/docs/pbc/all/ai-commerce/latest/backoffice-assistant.html">Back Office Assistant</a></td> <td>An AI-powered chat widget embedded in the Back Office. Admin users can ask natural language questions to navigate the Back Office, diagnose order issues, and create or update discounts.</td> </tr> <tr> <td><a href="/docs/pbc/all/ai-commerce/latest/search-by-image.html">Search by Image</a></td> <td>Lets customers upload a photo to search for products. AI analyzes the image, identifies a search term, and redirects to search results or the first matching product page.</td> </tr> </tbody> </table> <h2 id="who-benefits">Who benefits</h2> <table> <thead> <tr> <th>ROLE</th> <th>BENEFIT</th> </tr> </thead> <tbody> <tr> <td>B2B buyers</td> <td>Faster reordering from photos of shelves, product lists, or packaging. Find products by uploading a photo instead of searching by name.</td> </tr> <tr> <td>Store operators</td> <td>Reduced support requests caused by manual order entry errors. Faster Back Office workflows through conversational AI assistance.</td> </tr> <tr> <td>Developers</td> <td>AI provider-agnostic integration — swap or configure models per feature via configuration.</td> </tr> </tbody> </table> Wed, 29 Apr 2026 10:34:52 +0000 https://docs.spryker.com/docs/pbc/all/ai-commerce/latest/ai-commerce.html https://docs.spryker.com/docs/pbc/all/ai-commerce/latest/ai-commerce.html Spryker Cloud Commerce OS is an end-to-end solution for digital commerce. This document contains a business-level description of new features and improvements. For information about installing Spryker, see [Getting started guide](/docs/dg/dev/development-getting-started-guide). ## B2B Business-Ready Commerce Experiences ### Back Office Configuration Framework is now Generally Available {% include badge.html type="feature" %} Spryker has made the Back Office Configuration Framework generally available, delivering key enterprise‑readiness improvements. The release enhances governance, discoverability, and usability for managing business‑relevant configuration directly in the Back Office. Configuration changes are now easier to understand, control, and audit. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/backoffice_framework.png||" %} **Key capabilities:** - Audit logging for configuration changes - Improved search and discoverability of configuration options - UX enhancements for a more reliable configuration experience - CLI-based import support for faster setup and operational workflows - Clear visibility into conflicts between code-based and Back Office configuration **Business benefits:** - Reduces time-to-change by enabling operations teams to adjust configuration without developer involvement, backed by a full audit trail. - Minimizes the risk of costly production disruptions through better validation and conflict visibility before changes go live. - Supports broader enterprise adoption with stronger governance and operability. **Documentation:** - [Back Office Configuration Framework](/docs/pbc/all/back-office/latest/base-shop/backoffice-configuration-framework.html) - [Developer Guide Configuration Management](/docs/dg/dev/backend-development/configuration-management) - [Install the Back Office Configuration Framework feature](/docs/dg/dev/integrate-and-configure/integrate-confguration-feature.html) ### Basic Shop Theming {% include badge.html type="feature" %} Business users can now manage core branding settings directly in the Back Office without code changes or deployments. This provides a standardized way to apply basic theming across Storefront, the Back Office, and Merchant Portal. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/theming_1.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/theming_2.png||" %} **Key capabilities:** - Supports theme management with global and store-specific scope. - Lets users upload and manage logos for Storefront, the Back Office, and Merchant Portal. - Provides configuration for core brand colors, button styles and text colors. - Uses a standardized Back Office configuration experience for theme administration. **Business benefits:** - Speeds up demo preparation, POCs, and early customer activation through instant, self-service branding configuration. - Shop operators can now apply and adjust their brand CI across all Spryker touchpoints at any time directly in the Back Office, without developer involvement or redeployment. **Documentation:** - [Feature Overview](/docs/pbc/all/cart-and-checkout/latest/base-shop/feature-overviews/purchasing-control-feature-overview.html) - [Installation Guide](/docs/pbc/all/cart-and-checkout/latest/base-shop/install-and-upgrade/install-features/install-the-purchasing-control-feature.html) ### Budget & Cost Centers {% include badge.html type="feature,early-access" %} We introduced an Early Access version of budgets and cost centers to support policy-driven purchasing in B2B procurement. The release covers core budget enforcement and its integration with approval workflows. **Key capabilities:** - Lets companies create and manage cost centers and assign buyers to them. - Supports budget creation with configurable enforcement rules such as block, warn, or require approval. - Adds cost center selection and budget validation during checkout. - Integrates budget-triggered approvals with Spryker's existing Approval Process. - Tracks budget consumption and restoration as orders progress. **Business benefits:** - Improves financial control and purchasing compliance. - Reduces overspending risk with enforceable budget rules. - Aligns procurement workflows with departmental or project-based spending structures. - Provides an early demoable foundation for customer and partner conversations. **Documentation:** - [Purchasing Control Feature Overview](/docs/pbc/all/cart-and-checkout/latest/base-shop/feature-overviews/purchasing-control-feature-overview) - [Install Purchasing Control Feature Overview](/docs/pbc/all/cart-and-checkout/latest/base-shop/install-and-upgrade/install-features/install-the-purchasing-control-feature) ### Back Office Product Import & Export {% include badge.html type="feature,early-access" %} Spryker now offers product import and export via the Back Office, reducing reliance on developer‑driven CLI tooling. Business users can prepare and update catalogs faster during onboarding, launches, and routine maintenance. This improves operational speed and gives teams more control over their product data processes. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_import_export_1.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_import_export_2.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_import_export_3.png||" %} **Key capabilities:** - Import and export product data directly from the Back Office - Single‑file product import, replacing multiple CLI‑required files - CSV‑based jobs with reusable job/run concepts and clear validation feedback **Business benefits:** - Significantly simplifies adding products to the catalog, replacing multi‑file CLI imports with a single, business‑friendly file - Accelerates catalog preparation for new launches and environment migrations - Empowers business users with self‑service error resolution, minimizing developer involvement **Documentation:** - [Product Experience Management](/docs/pbc/all/product-experience-management/latest/product-experience-management.html) - [Install the Product Experience Management feature](/docs/pbc/all/product-experience-management/latest/install-the-product-experience-management-feature.html) ### Product attribute display types {% include badge.html type="feature" %} You can now control where product attributes are visible without project-specific customization. This helps keep internal operational data hidden while displaying only relevant information to buyers. **Key capabilities:** - Adds visibility types for product attributes. - Supports internal-only attributes as well as attributes shown on PDP, PLP, and cart-related experiences. - Provides native configuration for attribute visibility management. **Business benefits:** - Shop operators can now control which attributes are displayed where across the storefront, making it easier to surface the right product information at the right place to support buyer decision-making and product discovery. - Internal attributes can be managed separately to support operational or process-related needs without ever being exposed to buyers. **Documentation:** - [Product Attribute Display Types](/docs/pbc/all/product-information-management/latest/base-shop/feature-overviews/product-feature-overview/product-attribute-visibility-overview) - [Install Product Attribute Visibility Feature](/docs/pbc/all/product-information-management/latest/base-shop/install-and-upgrade/install-features/install-the-product-attribute-visibility-feature) ### Spryker Storefront Design System Foundation {% include badge.html type="feature" %} Building storefronts without a common foundation meant repeated work, slower delivery, and experiences that looked and felt different every time. This release introduces a unified design system with shared foundations and reusable components, so teams work from common building blocks. The result is faster implementation, easier adoption, and the ability to scale storefront delivery without scaling complexity. **Key capabilities:** - Defines the design system foundation with shared tokens and naming conventions. - Introduces token-driven implementation patterns for new storefront components. - Adds composite component patterns built from core UI elements. - Covers common structures such as cards, buttons, input fields, headers, search and more. **Business benefits:** - Improves consistency across storefront experiences. - Reduces duplicate design and frontend implementation effort. - Accelerates feature delivery with reusable UI patterns. - Creates a stronger foundation for future storefront evolution. **Documentation:** - [How to use design system tokens](/docs/dg/dev/frontend-development/latest/design-tokens#how-it-works) ### Back Office Product Import & Export {% include badge.html type="feature,early-access" %} Spryker now offers product import and export via the Back Office, reducing reliance on developer‑driven CLI tooling. Business users can prepare and update catalogs faster during onboarding, launches, and routine maintenance. This improves operational speed and gives teams more control over their product data processes. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_import_export_1.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_import_export_2.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_import_export_3.png||" %} **Key capabilities:** - Import and export product data directly from the Back Office - Single‑file product import, replacing multiple CLI‑required files - CSV‑based jobs with reusable job/run concepts and clear validation feedback **Business benefits:** - Significantly simplifies adding products to the catalog, replacing multi‑file CLI imports with a single, business‑friendly file - Accelerates catalog preparation for new launches and environment migrations - Empowers business users with self‑service error resolution, minimizing developer involvement **Documentation:** - [Product Experience Management](/docs/pbc/all/product-experience-management/latest/product-experience-management.html) - [Install the Product Experience Management feature](/docs/pbc/all/product-experience-management/latest/install-the-product-experience-management-feature.html) ### Budget & Cost Centers {% include badge.html type="feature,early-access" %} We introduced an Early Access version of budgets and cost centers to support policy-driven purchasing in B2B procurement. The release covers core budget enforcement and its integration with approval workflows. **Key capabilities:** - Lets companies create and manage cost centers and assign buyers to them. - Supports budget creation with configurable enforcement rules such as block, warn, or require approval. - Adds cost center selection and budget validation during checkout. - Integrates budget-triggered approvals with Spryker's existing Approval Process. - Tracks budget consumption and restoration as orders progress. **Business benefits:** - Improves financial control and purchasing compliance. - Reduces overspending risk with enforceable budget rules. - Aligns procurement workflows with departmental or project-based spending structures. - Provides an early demoable foundation for customer and partner conversations. **Documentation:** - [Purchasing Control Feature Overview](/docs/pbc/all/cart-and-checkout/latest/base-shop/feature-overviews/purchasing-control-feature-overview) - [Install Purchasing Control Feature Overview](/docs/pbc/all/cart-and-checkout/latest/base-shop/install-and-upgrade/install-features/install-the-purchasing-control-feature) ### Back Office support for merchant product ownership {% include badge.html type="improvement" %} Marketplace operators can now manage merchant ownership of products directly in the Back Office, without relying on the Merchant Portal. This makes it easier to maintain accurate product data in centrally managed or hybrid marketplace models. The result is smoother operations and clearer accountability across the catalog. **Key capabilities:** - Assign or update merchant ownership for any product directly in Back Office workflows. - See merchant ownership instantly within product management views. - Maintain merchant‑related product data as part of your standard PIM processes. **Business benefits:** - Strengthens support for centrally managed catalogs and hybrid marketplace models, giving operators more flexibility in how they run their marketplace. - Improves transparency and control, making ownership clear, consistent, and auditable. - Reduces reliance on workarounds and custom tooling, lowering operational overhead. - Supports more flexible marketplace operations, enabling teams to scale product management with confidence. **Documentation:** - [Marketplace Create Abstract Products](//docs/pbc/all/product-information-management/latest/marketplace/manage-in-the-back-office/products/abstract-products/create-abstract-products#defining-general-settings) ### Back Office Frontend Modernisation {% include badge.html type="improvement" %} We delivered the first phase of the Back Office theme modernisation to improve clarity, consistency, and responsiveness. This update creates a more usable and scalable visual foundation without changing the overall information architecture. **Key capabilities:** - Improves visual hierarchy and component consistency across the Back Office. - Reduces UX debt introduced by legacy Inspinia defaults. - Enhances spacing, density, emphasis, and table presentation. - Provides a more stable foundation for future Back Office UX improvements. **Business benefits:** - Improves daily usability for Back Office users. - Makes the Back Office more credible and demo-ready. - Reduces the need for one-off CSS customizations. - Establishes a better base for future product evolution. ### Streamlined Login and Session Recovery Experience {% include badge.html type="improvement" %} Logging in should feel like picking up where you left off, not starting over. With this release, users across the Back Office, Storefront, and Marketplace are presented with a meaningful dashboard featuring quick actions for common tasks, including viewing orders, adding products, and checking returns. After a session timeout, users are redirected back to the page they were on so they do not lose track of what they were doing. **Key capabilities:** - Redirects Back Office users to the dashboard instead of a blank technical page after login. - Adds action-oriented quick actions to the Back Office dashboard for common tasks such as viewing orders, adding products, opening the catalog, and checking returns. - Restores the last visited page after session timeout across the Back Office, Storefront, and Marketplace. - Reopens create and edit pages after re-login, while unsaved data is not preserved. **Business benefits:** - Reduces onboarding friction for new users. - Helps operational users continue workflows faster after session expiration. - Improves usability and perceived product maturity across core daily journeys. - Makes demos and first-touch product experiences more intuitive. ## Connected, and AI-Enabled Platform ### Spryker Now Ships with AI Foundation and Smart Product Enrichment {% include badge.html type="improvement,early-access" %} Spryker now includes the AI Foundation and Smart PIM out of the box, allowing merchants to adopt AI‑assisted catalog enrichment with minimal setup. Product content can be improved, translated, and enriched directly in the Back Office using AI, reducing manual work and improving content quality. Customers only need to connect their preferred AI provider to start benefiting from AI‑powered product enhancements, with governance automatically handled through AI Foundation. **Key capabilities** - Enhances and translates product names and descriptions using AI - Generates alt‑text for product images and suggests suitable product categories - Delivered by default in Spryker, requiring only AI provider configuration **Business benefits** - Reduces manual effort in creating and refining product content across the catalog - Makes AI adoption easier by providing a pre‑configured integration layer with built‑in governance and provider flexibility - Speeds up catalog enrichment and localization for merchants operating across multiple markets **Documentation** - [AI Foundation Overview](/docs/dg/dev/ai/ai-foundation/ai-foundation-module) - [Smart PIM](/docs/pbc/all/ai-commerce/latest/smart-pim) ### Smart Back Office Assistant {% include badge.html type="feature,early-access" %} Spryker introduces the Smart Back Office Assistant, enabling operators to perform Back Office tasks through natural language instead of relying solely on manual navigation. Operators can get guidance on where to find features, ask operational and order‑related questions, and create discounts directly through chat. This makes Back Office work faster, more intuitive, and easier for all user types. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_ai_assistant.png||" %} **Key capabilities** - Provides navigation and operational guidance to help users quickly find functions and understand Back Office workflows - Answers order‑related questions, including order status and operational details - Assists to complete forms, for example, by enabling discount creation directly through chat. **Business benefits** - Reduces time spent searching for pages and completing repetitive tasks - Improves usability for operators who are less familiar with Back Office structure or workflows - Helps prevent errors by guiding operators through correctly structured inputs and actions **Documentation** - [Back Office Assistant](/docs/dg/dev/ai/ai-commerce/ai-commerce-overview.html) - [Install Back Office Assistant](/docs/dg/dev/ai/ai-commerce/backoffice-assistant/install-backoffice-assistant.html) ### AI Foundation Visibility & Governance Enhancements {% include badge.html type="feature,early-access" %} Spryker introduces comprehensive visibility into AI activity through new Back Office views for both AI interactions and AI workflow execution. Teams can now inspect prompts, responses, metadata, and workflow states in a single place, improving transparency and control over AI‑driven processes. These enhancements strengthen governance, streamline troubleshooting, and make AI operations easier to understand and monitor. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_ai_auditlogs_1.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/bo_ai_auditlogs_2.png||" %} **Key capabilities:** - Back Office audit logs for reviewing prompts, responses, metadata, and model details - Workflow execution views with list, detail, state history, and visualized transitions - Filtering, sorting, and inline inspection tools for efficient debugging and analysis **Business benefits:** - Improves governance and traceability across all AI‑powered processes - Simplifies troubleshooting by making AI interactions and workflow states fully transparent - Gives operators greater control over AI‑driven actions with clear visibility into execution paths **Documentation:** - [AI Foundation Audit Logs](/docs/dg/dev/ai/ai-foundation/ai-foundation-audit-logs.html) - [AI Foundation Workflows](/docs/dg/dev/ai/ai-foundation/ai-foundation-workflow-state-machine) ### Smart Visual Product Search & Ordering {% include badge.html type="improvement,early-access" %} Spryker now enables buyers to identify products and start orders simply by uploading or capturing an image. Whether it's a technical part, a field-site photo, or a handwritten note, the system can recognize products and quantities and help buyers move directly from identification to ordering. The entire capability now runs on the Spryker AI Foundation, offering provider flexibility, improved reliability, and easier long‑term adoption. **Key capabilities** - Helps buyers identify relevant or visually similar products by uploading or capturing an image - Prefills the quick order form with products and quantities extracted from photos, screenshots, or handwritten notes - Uses Spryker AI Foundation for multi‑provider support (OpenAI, Azure, Bedrock) and centralized AI governance **Business benefits** - Speeds up product identification and ordering, especially for technical and spare‑parts workflows - Reduces manual entry and ordering errors by interpreting product information directly from images - Supports mobile and field‑based buying scenarios where buyers capture photos instead of searching by name or SKU **Documentation** - [Search by Image](/docs/pbc/all/ai-commerce/latest/search-by-image) - [Visual Add to Cart](/docs/pbc/all/ai-commerce/latest/visual-add-to-cart) - [Install Search by Image](/docs/dg/dev/ai/ai-commerce/search-by-image/install-search-by-image) - [Install Visual Add to Cart](/docs/dg/dev/ai/ai-commerce/visual-add-to-cart/install-visual-add-to-cart) ### AI Dev Tooling for Coding Agents {% include badge.html type="feature,early-access" %} Spryker now provides ready-to-use new AI Dev tooling to help development teams work more effectively with coding agents in Spryker projects. The update provides ready-to-use agent instruction files and reusable Spryker-specific skill examples. **Key capabilities:** - Generates a project‑ready agent configuration file (AGENTS.md) - Generates a set of rules for AI agent based on Spryker coding conventions and architectural guidelines - Provides reusable skill examples covering testing, data import, schema conventions, validation, and frontend development - Includes a setup command that generates agent configuration file, rules and skills for supported coding agents **Business benefits:** - Speeds up onboarding for developers who are new to Spryker by giving AI coding agents the right context from day one - Improves code quality and consistency through pre‑written, Spryker‑aligned development rules - Helps teams deliver features faster by reducing back‑and‑forth with AI tools and minimizing incorrect code generation **Documentation:** - [AI Dev SDK](/docs/dg/dev/ai/ai-dev/ai-dev-overview) ### API Platform is now Generally Available {% include badge.html type="feature" %} Spryker made API Platform generally available as the foundation for modern API development and migration. Existing APIs have been migrated to API Platform internally while keeping external contracts backward-compatible. This enables faster API delivery, easier extensibility, and more standardized API development.  **Key capabilities:** - Declarative API development using YAML schemas - API generation with validation, pagination, serialization, and operation-specific rules - Interactive and always up-to-date OpenAPI documentation - Backward-compatible migration of existing APIs to API Platform infrastructure - Cleaner separation of read and write logic through providers and processors **Business benefits:** - Reduces development effort for new and existing APIs - Improves consistency and maintainability of API implementations - Accelerates delivery of integrations and future API capabilities **Documentation:** - [API Platform](/docs/dg/dev/architecture/api-platform.html) - [Migration Status of out-of-the-box API Endpoints](/docs/dg/dev/architecture/api-platform/migrate-to-api-platform-status.html) ### Algolia configuration in the Back Office {% include badge.html type="improvement" %} Spryker updated the Algolia integration settings in the Back Office to replace the legacy ACP-based configuration experience. The new page uses the Back Office Configuration Framework and provides a more consistent and user-friendly way to manage Algolia credentials. This helps reduce setup effort and simplifies validation during implementation. **Key capabilities:** - New configuration section in **Back Office > Configuration > Integrations > Algolia** - Manage Algolia credentials, including: - Application ID - Search-only API key - Admin API key - Validate credentials directly via API calls - Align Algolia setup with the current Spryker-native integration approach **Business benefits:** - Simplifies Algolia setup and maintenance in the Back Office - Reduces implementation time and configuration errors - Replaces legacy ACP-era fields with a clearer configuration experience **Documentation:** - [Integrate Algolia](/docs/pbc/all/search/latest/base-shop/third-party-integrations/algolia/integrate-algolia) ### Mollie PSP Integration {% include badge.html type="feature" %} Spryker introduces a new native integration with Mollie, a leading European payment service provider, enabling seamless B2B and B2C payment experiences across key European markets. The integration allows merchants to quickly enable a wide range of local and international payment methods with minimal development effort. It is delivered in collaboration with Spryker Solution Partner KPS. **Key capabilities:** - Native integration with Mollie - Support for a wide range of local European and international payment methods - Plug-and-play setup with minimal custom development **Business benefits:** - Faster time-to-market for European commerce use cases - Improved conversion through localized payment experiences - Reduced implementation complexity and maintenance overhead **Documentation:** - [Mollie integration](https://github.com/mollie/spryker) ### OAuth SSO readiness for Spryker applications {% include badge.html type="feature" %} Spryker introduced a standardized and reusable approach for OAuth 2.0 and OpenID Connect single sign-on across key applications. The release establishes a consistent integration pattern for identity providers such as Keycloak, Azure AD, and Okta for the Back Office, Storefront, and Merchant Portal. This makes identity integrations more predictable and reduces the need for project-specific implementations. **Key capabilities:** - Standardized SSO approach for: - the Back Office - Storefront - Merchant Portal - Support for OAuth Authorization Code flow with PKCE - Provider-agnostic integration based on configurable OAuth providers - Persistent identity linking between external providers and Spryker users - Reference implementation, templates, configuration patterns, and rollout guidance - Backward compatibility with existing form-based login **Business benefits:** - Reduces time and cost for enterprise identity integrations - Improves implementation predictability across projects - Creates a reusable foundation for federated authentication across Spryker entry points **Documentation:** - [Federated Authentication via OAuth2/OIDC](/docs/pbc/all/oauth/latest/federated-authentication.html) ### Native PunchOut Gateway for cXML and OCI {% include badge.html type="feature,early-access" %} Spryker introduced native PunchOut Gateway capabilities for cXML and OCI to reduce bespoke integration work in procurement-driven B2B commerce. The release adds reusable building blocks for common PunchOut flows, including session start, shopping, cart updates, and cart return. This strengthens support for enterprise procurement environments, especially SAP-centric setups. **Key capabilities:** - Native compatibility for cXML and OCI PunchOut scenarios - Support for basic PunchOut requisition and cart flows - Standard OCI parameter handling - OCI cart return support with line items - Reusable message handling and implementation guidance **Business benefits:** - Reduces custom development effort for PunchOut implementations - Speeds up procurement-channel enablement and time-to-revenue - Improves repeatability and maintainability across B2B integration projects **Documentation:** - [PunchOut Gateway](/docs/pbc/all/punchout-gateway/punchout-gateway) ### New Stripe Integration {% include badge.html type="improvement" %} Spryker introduced a new Stripe integration that replaces the legacy ACP-based app with a more extensible Spryker-native implementation. The release also adds a dedicated configuration page in the Back Office for managing Stripe settings. This gives customers and partners more control over Stripe-based payment flows and reduces dependency on legacy integration boundaries. **Key capabilities:** - New installable Stripe Eco module without ACP runtime dependency - Support for checkout payment method selection - Support for payment initialization, authorization, capture, refund, and cancel flows - New configuration section in **Back Office > Configuration > Integrations > Stripe** - Validation of Stripe keys and webhook configuration - Storage of Stripe settings in configuration storage **Business benefits:** - Improves flexibility for extending and customizing Stripe payment flows - Reduces implementation risk and legacy dependency overhead - Lowers long-term maintenance effort and supports faster payment innovation **Documentation:** - [New Stripe Integration](https://github.com/spryker-eco/stripe/releases/tag/1.0.0) ### New Vertex Integration {% include badge.html type="improvement" %} Spryker introduced a new Vertex integration to replace the legacy ACP-based approach for tax calculation scenarios. The new integration is designed to provide more flexibility and reduce legacy constraints when adapting tax-related processes. This supports more maintainable and extensible tax integrations over time. **Key capabilities:** - New Spryker-native Vertex integration - Reduced reliance on legacy ACP-based architecture - Improved extensibility for tax calculation and related scenarios **Business benefits:** - Supports more adaptable tax integrations for changing business needs - Reduces integration friction and project-specific patching - Lowers total cost of ownership through improved maintainability **Documentation:** - [Integrate Vertex](/docs/pbc/all/tax-management/latest/base-shop/third-party-integrations/vertex/install-vertex/integrate-vertex) ### Data import performance and stability enhancements {% include badge.html type="improvement" %} We improved the data import experience and robustness for large data volumes. Data imports now provide better execution visibility through a progress bar, and memory usage has been optimized to better support very large imports, including merchant price imports with up to 1 million records. **Key capabilities:** - Added a progress bar for data import console commands to show execution progress. - Reduced memory consumption in data import flows to prevent out-of-memory issues during large imports. - Improved reliability for high-volume imports across data import entities. **Business benefits:** - Helps operators better monitor long-running imports. - Reduces failures caused by memory exhaustion during large imports. - Improves operational efficiency for bulk data onboarding. **Documentation:** - [Data import (memory usage)](/docs/dg/dev/guidelines/performance-guidelines/keeping-dependencies-updated.html#data-import-memory-usage) - [Data import Progress bar](/docs/dg/dev/data-import/latest/data-import-optimization-guidelines.html#progress-bar) ### Performance and security improvements {% include badge.html type="improvement" %} We made your Spryker Commerce OS faster, more secure, and more stable. **Key capabilities:** - Non-buffered log streaming presents the logs immediately. - Lower latency and response times in storefront with optimized widgets. - Lower latency and response times in the Back Office and Merchant Portal. - Higher stability and throughput of Publish & Synchronize workers. The update introduces dynamic waiting behavior, better control over parallel job execution, and compatibility improvements for Symfony Messenger resource-aware workers. **Documentation:** - [Non-buffered log streaming](https://api.release.spryker.com/release-group/6411) - [Yves widget performance best practices](/docs/dg/dev/guidelines/performance-guidelines/yves-performance-best-practice.html) - [Split Publish & Synchronize queues for performance](/docs/dg/dev/guidelines/performance-guidelines/split-queues-performance.html) - [Merchant Portal and Back Office performance with ACL rules](/docs/dg/dev/guidelines/performance-guidelines/keeping-dependencies-updated.html#merchant-portal-and-back-office-performance-with-acl-rules) - [Order details page performance guidance](/docs/pbc/all/order-management-system/latest/base-shop/order-management-feature-overview/order-details-page-performance-overview.html) ## Efficient and Flexible Cloud Foundation ### Spryker Monitoring Integration: logs forwarding {% include badge.html type="improvement" %} Spryker expanded cloud observability by enabling log forwarding through [SMI](/docs/ca/dev/monitoring/spryker-monitoring-integration/spryker-monitoring-integration.html) to third-party monitoring platforms of your choice. This allows teams to correlate logs with traces, create alerts based on log data, and use their preferred monitoring tooling beyond AWS CloudWatch. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/SMI-dynatrace-logs.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/SMI-dynatrace-traces.png||" %} **Key capabilities:** - Inspect logs from Spryker Platform in your monitoring tool - Correlate logs with traces using trace and span identifiers - Configure log verbosity to control emitted log volume **Business benefits:** - Improved troubleshooting through unified logs and traces - Better alerting capabilities based on application and infrastructure log events **Documentation:** - [Spryker Monitoring Integration Logs](/docs/ca/dev/monitoring/spryker-monitoring-integration/opentelemetry-instrumentation#smi-logs-integration) ### Single Sign-On (SSO) for Cloud services {% include badge.html type="feature" %} Spryker introduced centralized access management for cloud services, including SSO support for customer identity providers such as Okta and OneLogin. This update reduces manual access handling, improves security, and simplifies onboarding and offboarding for users. It also includes rollout, production-readiness, and IAM cleanup measures to standardize and harden access controls. <figure class="video_container"> <video width="100%" height="auto" controls> <source src="https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202604/2026-Cloud-Hub-SSO-Lofi.mp4" type="video/mp4"> </video> </figure> **Key capabilities:** - Connect your own identity provider for SSO access to cloud services - Centralize user access management for services such as Jenkins, RabbitMQ, and others - Reduce manual access management effort through self-service-oriented processes **Business benefits:** - Faster and more secure user onboarding and offboarding - Reduced operational effort for access requests and changes - TLS-encrypted communication to Jenkins and RabbitMQ over internal environment network **Documentation:** - [Spryker Cloud SSO Access](/docs/ca/dev/access/sso-access.html) ### Bastion security hardening {% include badge.html type="improvement" %} Spryker improved Bastion host security and maintainability by upgrading the operating system, isolating workloads from the host, and enforcing SSO and MFA for human access. This change modernizes the setup while keeping customer impact minimal and preserving SFTP access for integrations. **Key capabilities:** - Upgrade Bastion hosts to a current LTS operating system - Enforce SSO and MFA for human access, deprecate direct SSH access for human users **Business benefits:** - Improved security posture for administrative access ### Maintenance and service updates {% include badge.html type="improvement" %} Spryker delivered maintenance updates across cloud services and application tooling to keep the platform secure, supported, and maintainable. **Key capabilities:** - RabbitMQ 4.2 is now supported in Docker SDK for local development environments. - Node.js 24 introduces V8 v13.6 and npm 11, which results in noticeably faster `frontend:yves:build` and `frontend:zed:build` runs. **Business benefits:** - Reduced security and operational risk from outdated components **Documentation:** - [RabbitMQ 4.2 in Docker SDK](/docs/dg/dev/sdks/the-docker-sdk/the-docker-sdk.html) - [Upgrade Node.js and npm](/docs/dg/dev/upgrade-and-migrate/upgrade-nodejs.html#prerequisites) Wed, 29 Apr 2026 09:20:10 +0000 https://docs.spryker.com/docs/about/all/releases/release-notes-202604.0.html https://docs.spryker.com/docs/about/all/releases/release-notes-202604.0.html Spryker Cloud Commerce OS is an end-to-end solution for digital commerce. This document contains a business-level description of new features and improvements. For information about installing Spryker, see [Getting started guide](/docs/dg/dev/development-getting-started-guide). ## B2B Business-Ready Commerce Experiences ### Product Attachments {% include badge.html type="feature" %} Introduces out-of-the-box Product Attachments capability commonly required in industrial B2B purchasing. {% include carousel.html images="https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/product_attachments_storefront_pdp.png||::https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/product_attachments_backoffice_pim.png||" %} **Key capabilities** - Back Office management of product-related documents (for example, datasheets, certificates, manuals). - Provide external links to product attachments via data import. - Display and download or view attachments on the product details page. **Business benefits** - Supporting buyers' decisions by providing more detailed product information. - Removes approval bottlenecks and shortens the path from product view to first transaction. **Documentation** - [Product Attachments overview](/docs/pbc/all/product-information-management/latest/base-shop/feature-overviews/product-feature-overview/product-attachments-overview.html) - [Install the Product Attachments feature](/docs/pbc/all/product-information-management/latest/base-shop/install-and-upgrade/install-features/install-the-product-attachments-feature.html) ### Product & Merchant Offer Availability Display {% include badge.html type="feature" %} Introduces native, configurable product and merchant offer availability display for B2B Commerce and Marketplace scenarios, reducing customization and increasing buyer confidence at the point of decision. **Key capabilities** - Native availability display on the product details page (PDP) and in the cart - Configurable display logic: - Availability indicator only (for example Available / Out of Stock) - Exact stock quantity combined with indicator - Configuration option for the sort order of merchant offers in the B2B Marketplace - Built on existing Spryker stock data structures **Business benefits** - Buyers see reliable availability information at the point of decision. - Businesses no longer need custom implementations for basic stock visibility. - Transparent stock visibility increases direct orders and reduces operational overhead. **Documentation** - [Product Availability Display feature overview](/docs/pbc/all/warehouse-management-system/latest/base-shop/product-availability-display-feature-overview) - [Buy Box feature overview](/docs/pbc/all/offer-management/latest/marketplace/buy-box-feature-overview) ### Backoffice Configuration Framework {% include badge.html type="feature,early-access" %} Introduces a structured, extensible framework to expose business-relevant configuration directly in the Spryker Back Office without code changes or redeployments. **Key capabilities** - Structured Business Configuration via UI - Developers define configuration options in YAML once. - The framework automatically renders validated Back Office UI pages. - Runtime Configuration Without Deployment - Configuration changes are applied at runtime, no code change, no pull request, no deployment required. - Support for Out-of-the-Box and Custom Features. The framework works for: - Standard Spryker features - Project-specific customizations - Built-in Validation & Guardrails - Business users can only adjust explicitly defined and validated options, preventing misconfiguration. **Business benefits** - Faster Time to Change - Business teams adjust approved behaviors instantly, no development sprint required. - Lower Total Cost of Change - Reduces repetitive engineering effort for configuration updates and eliminates custom UI builds per feature. - Faster Experimentation - Test different configuration setups (for example display logic, marketplace sorting) without waiting for release cycles. ### B2B-only Mode Enablement Reduces project setup time for customers and partners who want B2B Commerce only, without Marketplace complexity. **Key capabilities** - Added a **guideline and deployment script** to start the unified demo shop in a standardized **B2B Commerce–only mode**, reducing required manual cleanup and configuration. **Business benefits** - Faster project initialization for B2B-only projects. - Lower implementation cost and reduced efforts. - Clearer positioning and smoother kick-off experience. **Documentation** - [Uninstall the Marketplace from B2B Demo Marketplace](/docs/about/all/uninstall-marketplace-from-b2b-demo-marketplace) ### New Industrial Homepage Sample Data {% include badge.html type="improvement" %} The new sample data allows you to explore more realistic B2B Commerce journeys and capabilities without needing to import your own data. **Key capabilities** - Updated homepage content to industrial goods and services across key blocks (banners, featured categories, featured products, top sellers). **Business benefits** - More realistic demos that reflect real industrial buying journeys. - Faster evaluations by showing realistic catalog and merchandising scenarios out of the box. - Less manual demo preparation for partners and solution teams. ### UX & Design Improvements for Storefront & Back Office {% include badge.html type="improvement" %} Improves clarity, consistency, and perceived quality across core pages and navigation. {% include carousel.html images="https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/Menu Icons.png||::https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/Empty_status_page.png||::https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/Toast_notifications.png||" %} **Key capabilities** - Redesigned the Back Office 404 page with clear recovery actions and consistent styling, removing technical error output for a smoother user experience. - Improved empty states for Addresses, Orders, and Returns pages in storefront to guide users with clear next steps and better first-time usability. - Updated navigation to Google Material Icons for visual consistency with the Merchant Portal. - Replaced full-width banner of toast notifications with stacked, auto-dismissing toast notifications for lightweight, non-disruptive feedback. - Fixed Back Office form validation errors showing untranslated message keys (restored translation rendering). **Business benefits** - Faster task completion and reduced confusion in Back Office operations. - Better first-time experience for B2B customers on key storefront pages. - Higher perceived product quality and consistency for enterprise users. - Reduced support noise caused by unclear errors and untranslated validation messages. ### PunchOut: cXML Compatibility in Spryker API <span class="inline-img"></span> Enables standardized B2B PunchOut integrations via cXML support. **Key capabilities** - Support for **cXML (Commerce XML)** as an additional data exchange format in the Spryker API Platform. - Documentation and guidance for implementing PunchOut integrations with external eProcurement systems. **Business benefits** - Enterprise-ready B2B integration API Compatibility with leading procurement platforms. - Simplified implementation of PunchOut scenarios for customers and partners. - Stronger positioning in complex B2B commerce environments. **Documentation** - [PunchOut Development Plan](/docs/integrations/custom-building-integrations/punchout-development-plan) ## Connected, and AI-Enabled Platform ### Spryker AI Foundation: Operable, Structured, and Extensible AI Runtime {% include badge.html type="early-access,improvement" %} Enhances the AI Foundation runtime layer to make AI executions easier to operate at scale, safer to integrate into product code, and more extensible for evolving use cases. **Key capabilities** - Prompt responses now return **token usage** and **applied AI configuration details** (for example, provider/vendor, model, configuration name, and relevant parameters) for improved transparency and troubleshooting. - Added **structured response support** aligned with **Spryker Transfers**, enabling validated, contract-based AI outputs rather than fragile free-text parsing. - Introduced a supported **tool call extension mechanism** for AI Foundation, enabling standardized enrichment of tool call inputs/outputs without project-specific integration workarounds. **Business benefits** - Improved cost and performance control through token visibility and configuration traceability. - More reliable production integrations through typed, validated AI outputs (reduced downstream breakage from phrasing changes). - Lower long-term maintenance and support effort via a standardized extension mechanism for evolving AI use cases. **Documentation** - [AI Foundation](/docs/pbc/all/ai-foundation/latest/ai-foundation.html) - [Install the AI Foundation module](/docs/dg/dev/ai/ai-foundation/ai-foundation-module.html) - [Use AI tools with the AiFoundation module](/docs/dg/dev/ai/ai-foundation/ai-foundation-tool-support.html) - [Use structured responses with the AiFoundation module](/docs/dg/dev/ai/ai-foundation/ai-foundation-transfer-response.html) ### Spryker AI Commerce: Agent Foundations and Smart PIM Improvements {% include badge.html type="early-access,improvement" %} Adds foundational capabilities for advanced agent workflows and improves the Back Office Smart PIM with safer, more reliable AI-assisted product description support. **Key capabilities** - **Conversation history** support to maintain context across interactions, enabling better multi-step workflows. - Introduced a **workflow orchestration layer** for predictable multi-step AI executions, including structured transitions, error handling, and auditability. - Back Office Smart PIM: **AI assistance for product descriptions** directly within abstract and concrete product create and edit pages: - Actions to **Translate content** and **Improve content** - Review-before-apply workflow to avoid accidental overwrites - Backoffice Smart PIM: **Clear user feedback when AI is not configured or unavailable**: - Validates provider credentials before calling external AI services - Shows user-facing error messages instead of silent empty responses - Logs operator-friendly errors without exposing secrets - UI safeguard disables AI actions with an explanatory tooltip when AI is not configured **Business benefits** - Higher adoption and trust in AI features due to clear error states and safer interaction patterns. - Faster catalog enrichment through translation and content improvement with less manual effort and fewer review loops. - Foundation for advanced B2B agent scenarios through context continuity and orchestrated workflows. - Improved governance and auditability through workflow execution traceability. **Documentation** - [Smart Product Management](/docs/pbc/all/product-information-management/latest/base-shop/third-party-integrations/smart-product-management/smart-product-management.html) - [Install Smart Product Management](/docs/pbc/all/product-information-management/latest/base-shop/third-party-integrations/smart-product-management/install-smart-product-management.html) - [Manage conversation history with the AiFoundation module](/docs/dg/dev/ai/ai-foundation/ai-foundation-conversation-history.html) - [AI workflow orchestration with state machines](/docs/dg/dev/ai/ai-foundation/ai-foundation-workflow-state-machine.html) ### Spryker AI Dev SDK: Additional MCP Tools for Spryker-Aware AI Development {% include badge.html type="early-access,improvement" %} Expands MCP tooling to make Spryker context retrieval, module discovery, documentation grounding, and demo data manipulation faster and more reliable for AI-assisted development. **Key capabilities** - Added `getSprykerModuleMap` MCP tool to return **comprehensive module information**, including: - Paths and core API components (Facade, Client, Service, Config) - Available plugin interfaces and extension points - Added `getSprykerModules` MCP tool to return a **simplified flat list** of unique module names for efficient discovery and reduced token usage. - Added a **Spryker documentation** MCP tool supporting: - Docs web URL - GitHub tree URL for the markdown source - GitHub API URL for raw markdown retrieval - Added **read-only database access** tooling for agents to retrieve required information without manual user intervention (SQL query input). - Added MCP tools to accelerate **import/demo data workflows**: - CSV structure analysis (without loading full content) - CSV transform operations (update/replace/append) - Row deletion by filter criteria - ODS-to-CSV export per sheet (supporting Google Sheets → Spryker import pipelines) **Business benefits** - Faster and more accurate AI-assisted development through Spryker-aware context (module APIs, extension points, docs grounding). - Reduced onboarding time and fewer integration mistakes for developers and agents. - Improved productivity for solution teams by standardizing CSV/ODS workflows and reducing failed import cycles. - Lower token usage and faster tool responses due to simplified module discovery outputs. **Documentation** - [AI Dev SDK Overview](/docs/dg/dev/ai/ai-dev/ai-dev-overview) - [AI Dev MCP Server](/docs/dg/dev/ai/ai-dev/ai-dev-mcp-server) ### API Platform improvements {% include badge.html type="early-access,improvement" %} This release enhances API Platform capabilities to improve your developer experience and reduce manual configuration overhead. **Key capabilities** - Enable support for relationships in API Platform. - Add support for custom validation constraints (FQCN-based) in schema definitions. - Improve dependency resolution for API Platform packages. - Add support for Code Buckets. - Provide API test examples to help you adopt the features more easily. **Business benefits** - Generate and validate API resources more cleanly and consistently. - Reduce the need for manual dependency fixes. - Improve consistency in your API implementations. - Accelerate onboarding and increase developer productivity. **Documentation** - [Validation Schemas](/docs/dg/dev/architecture/api-platform/validation-schemas.html) - [Code Buckets](/docs/dg/dev/architecture/api-platform/code-buckets.html) - [Relationships](/docs/dg/dev/architecture/api-platform/relationships.html) - [API Test Examples](/docs/dg/dev/architecture/api-platform/testing.html) ### OMS New Visual User Experience {% include badge.html type="improvement" %} Spryker transforms the community-driven OMS visualizer into a fully validated and productized capability.  **Key capabilities** - Provides a streamlined visualization of complex Order State Machines (OMS). **Business benefits** - Enables faster OMS iteration cycles and improves clarity when you develop or validate OMS processes. - Reduces the time you spend debugging OMS flows by providing better visibility and tooling support. **Documentation** - [Original Community Contribution](https://github.com/spryker-community/oms-visualizer) - [Oms Visualizer Release](https://api.release.spryker.com/release-group/6358) ### Messaging and scheduling modernization {% include badge.html type="improvement" %} We introduced Symfony Messenger and Symfony Scheduler as modern, flexible alternatives to the current RabbitMQ adapter and scheduling mechanisms in Jenkins. **Key capabilities** - Feature toggle that lets you switch between RabbitMQ and Messenger without breaking compatibility. - Migration path and supporting documentation to help you transition. - Messenger becomes the default queue adapter. - Scheduler lets you control the job schedule from within your application. **Business benefits** - Gain greater flexibility in queue transport configuration. - Align scheduling with the Symfony ecosystem using a modern approach. **Documentation** - [Symfony Messenger](/docs/dg/dev/integrate-and-configure/integrate-symfony-messenger.html) - [Symfony Scheduler](/docs/dg/dev/integrate-and-configure/integrate-symfony-scheduler.html) ### Secure handling of customer data in quote requests {% include badge.html type="improvement" %} This update improves the quote request storage mechanism to ensure that the system does not unnecessarily persist sensitive customer data in version records. Previously, the `spy_quote_request_version` table stored the complete quote JSON, which could include full company customer data, including encrypted passwords. Although the passwords were encrypted, storing them outside the dedicated customer table increased the risk of exposure and did not follow the principle of data minimization. **Key capabilities** - Removes unnecessary storage of sensitive customer data, such as encrypted passwords, from the `spy_quote_request_version` table. - Ensures that customer credentials remain stored exclusively in the `spy_customer` table. - Improves secure data handling in quote request versioning flows that the Storefront triggers. **Business benefits** - Reduces the risk of confidential data exposure. - Strengthens compliance with secure data handling and data minimization principles. - Improves overall database hygiene and reduces the attack surface. **Documentation** - [Quote Request](https://api.release.spryker.com/release-group/6300) ### Platform & Tooling Upgrades {% include badge.html type="improvement" %} We have updated critical application and service components to long-term supported versions to ensure continued stability, performance, and compatibility. **Key capabilities** - Upgraded PHPUnit to version 12 (full PHP 8.3 support, improved test data handling). - Upgraded PHPStan to version 2.x to reduce memory consumption and significantly improve performance. - Upgraded Angular to the latest supported major version 20. **Business benefits** - Faster CI pipelines and reduced waiting times for static analysis. - Continued alignment with PHP ecosystem and Angular support lifecycles. - Resolved a vulnerability in `@angular/common` affecting Spryker applications. The issue (CVE-2025-66035) allowed potential XSRF token leakage via protocol-relative URLs in Angular HTTP clients, potentially exposing CSRF tokens to attacker-controlled domains. - Improved quality assurance and development tooling performance across projects. **Documentation** - [Upgrade to Angular 20](https://docs.spryker.com/docs/dg/dev/upgrade-and-migrate/upgrade-to-angular-20.html) - [Release unlocking the new PHPUnit version](https://api.release.spryker.com/release-group/6334) - Spryker is fully compatible with PHPStan 2.x, update it at your own schedule. ### Quality, Performance & Stability Fixes {% include badge.html type="improvement" %} This release resolves several performance bottlenecks and technical inconsistencies identified in customer projects. **Key capabilities** - Improved Stock Data Import performance by removing the usage of `\ProductAbstractCheckExistenceStep` and `\ProductConcreteCheckExistenceStep`, which eliminates unnecessary full database loads. - Preserved correct HTTP error codes by returning 4xx responses for expected application errors, such as invalid cart operations, instead of 500. - Optimized customer session validation by removing resource-intensive password hash checks. - Stabilized OpenTelemetry monitoring and New Relic instrumentation to prevent memory issues and improve trace grouping for Zed and Gateway traffic. - Fixed concrete product publishing and product filter handling, including whitelist-aware category suggestions and hidden facets, to restore complete and consistent search results. - Corrected the Data Import CSV reader configuration so that offset and limit options work as expected for partial imports. - Restored Back Office form validation translations and eliminated redundant SQL execution in category rules. - Improved cart behavior in the Glue API by merging guest carts with product bundles on login and introducing SKU-level quantity restriction plugins. **Business benefits** - Improved backend performance and reduced database and CPU load. - Delivered more reliable and predictable product search, filtering, and category navigation for end users. - Enabled more stable imports and storefront builds with safer customizations and improved dependency management. - Improved Back Office and cart usability to reduce operational overhead and user friction. - Add guidance to the public Spryker documentation on how to adopt the Cypress boilerplate. **Documentation** - See [Spryker Releases](https://api.release.spryker.com/release-history) or use `composer` to update all packages. - [E2E Testing with Cypress](/docs/dg/dev/guidelines/testing-guidelines/cypress-testing.html) ### Architecture Guidelines <span class="inline-img"></span> A set of practical, reusable guidelines to reduce delivery risk, prevent recurring implementation pitfalls, and standardize engineering practices across Spryker projects. **Key capabilities** - **APM monitoring and troubleshooting using New Relic** - Standardized end-to-end troubleshooting workflow (metrics → transactions → DB queries → traces). - Clear mapping of New Relic entities to Spryker applications (Yves, Zed, Glue, Merchant Portal). - Practical examples for diagnosing common performance issues. - **Performance best practices: common challenges and optimization strategies** - Documented top recurring performance pitfalls from real projects (symptoms, root cause patterns, proven optimizations). - Guidance on recognizing issues via response time, query patterns, and logs. - **How to start a Spryker project** - Step-by-step setup guidance covering project structure, CI/CD basics, team practices, and quality tooling. - Focus on "must-do" principles to avoid rework and long-term quality degradation. **Business benefits** - Faster onboarding for partners and new project teams through standardized, actionable guidance. - Reduced escalation rate by addressing known recurring delivery and performance pitfalls early. - Improved project consistency and upgradeability through repeatable architecture and documentation patterns. - Better diagnosability and prevention of performance degradation with a shared troubleshooting methodology. **Documentation** - [APM — New Relic based troubleshooting](/docs/dg/dev/guidelines/performance-guidelines/apm-newrelic-based-troubleshooting.html) - [Perfromance best practices](/docs/dg/dev/guidelines/performance-guidelines/performance-guidelines.html) - [Updated how to start Spryker project](/docs/dg/dev/development-getting-started-guide.html) ### Architecture as Code for Spryker projects <span class="inline-img"></span> Live, version-controlled architecture documentation using industry standards that scales with your codebase. Enables team collaboration, decision traceability, and onboarding without custom tooling or specialized training. **Key capabilities** - Ready-to-use architecture templates for living, version-controlled architecture documentation that evolves with your code, based on arc42 (12 sections) and the C4 model (4-level visualization). - Traceable architectural decision templates through Solution Designs (RFC-style exploration) and ADRs. - Diagrams as code using Mermaid and PlantUML, with real examples for automated validation, generation, and AI analysis. **Business benefits** - Faster onboarding - with globally-recognized standards and all needed architecture documentation in one place - your code - Better decision making - RFC-style exploration and full decision history eliminate tribal knowledge - Alignment with business - Capture project requirements, trade-offs before implementation, ensuring delivery matches intent. Evolve further with architecture decision records and Solution designs - AI-ready format - Markdown and code-based diagrams enable intelligent automation and documentation generation **Documentation** - [Architecture as a Code](/docs/dg/dev/architecture/architecture-as-code.html) ### ERP Integration Template <span class="inline-img"></span> Provides a standardized foundation for building ERP integrations without starting from scratch. **Key capabilities** - Reusable module structure (Client and Shared layers) with transfer object definitions. - Pre-built base classes (`BaseRequest`, `BaseRequestBuilder`) for: - Request handling and timeout configuration - Headers and authentication - Logging and error management - Request/response mapper pattern for ERP-specific format transformations. - Guzzle client configuration guidance with environment-specific credentials and connection setup. **Business benefits** - Faster ERP integration development with reduced boilerplate. - Consistent architecture across projects and ERP systems. - Lower risk of integration defects due to standardized logging and error handling. - Improved maintainability and onboarding for new ERP integrations. **Documentation** - [ERP Integration Template](/docs/integrations/custom-building-integrations/erp-integration-template.html) ### Payment Integration Template (PSP Template) <span class="inline-img"></span> Delivers a production-ready template repository for building payment service provider (PSP) integrations. **Key capabilities** - Covers all mandatory integration touchpoints with the SCCOS that must be considered when integrating a payment provider (business logic, configurations, OMS, frontend forms) and payment lifecycle handling, with practical implementation examples. - Support for core payment flows: **Authorize → Capture → Cancel**. - Two payment method templates (for example Credit Card, Invoice) including: - OMS state machines for synchronous and asynchronous authorization. - Webhook infrastructure: - Payload logging - Signature validation - Route provider setup - Data import configuration with payment method CSV templates and glossary translations (EN, DE). - Automated module renaming and setup guidance to accelerate project adoption. - Comprehensive integration checklist to ensure no required system part is missed during implementation. **Business benefits** - Reduced development time for new PSP integrations - Consistent payment architecture and OMS alignment across projects. - Improved reliability through standardized webhook and lifecycle handling. - Clear separation of module developer and project integrator responsibilities. **Documentation** - [PSP Integration Template](/docs/integrations/custom-building-integrations/psp-integration-template.html) ### New Algolia Eco-Module Integration <span class="inline-img"></span> Replaces the legacy Algolia App model with a code-visible eco-module. **Key capabilities** - New Algolia integration as a standard Spryker eco-module. - Full code visibility and extensibility for customers and partners. - Support for current Algolia Search license–related features. - Updated documentation for integration and customization. **Business benefits** - Increased flexibility and customization options. - Reduced dependency on black-box App Spryker support and evolution implementations. - Better alignment with project-level architecture and extension patterns. **Documentation** - [Integrate Algolia](/docs/pbc/all/search/latest/base-shop/third-party-integrations/algolia/integrate-algolia.html) ## Efficient and Flexible Cloud Foundation ### Cloud Self-Service Portal update {% include badge.html type="improvement" %} The Cloud Self-Service Portal is now available on a new platform that improves usability and accelerates value delivery. {% include carousel.html images=" https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/cloud-hub1.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/cloud-hub2.png||:: https://spryker.s3.eu-central-1.amazonaws.com/docs/About/Releases/release-notes-202602/cloud-hub3.png||" %} **Key capabilities** - Spryker has moved the Cloud Self-Service Portal to a new platform to provide a better user experience and faster value delivery. - In the new portal, you can access centralized Single Sign-On (SSO) management. **Business benefits** - Provides a structured migration path to Single Sign-On (SSO) to help you simplify access management. **Portal access** - [Customer Portal](https://portal.spryker.com/) ### RabbitMQ 4.1 rollout {% include badge.html type="improvement" %} This update completes the rollout of RabbitMQ 4.1 across all platform environments. **Key capabilities** - Upgrade to RabbitMQ 4.1 for improved messaging infrastructure. - Platform-wide rollout to ensure consistency across environments. **Business benefits** - Improved stability and performance of asynchronous processing. - Enhanced scalability for event-driven workloads. - Reduced operational risk through alignment with the latest supported messaging version. **Documentation** - [Docker SDK service configuration](/docs/dg/dev/integrate-and-configure/configure-services.html) - [System Requirements](/docs/dg/dev/system-requirements/latest/system-requirements.html) ### Security RSS feed: Docker image updates {% include badge.html type="improvement" %} This update integrates Docker image security release notes into the official Spryker security RSS feed, ensuring timely notifications for infrastructure updates. **Key capabilities** - RSS Feed Integration: Docker image security releases are now automatically published to the security RSS stream (/feed-security.xml) - Automated Visibility: Real-time visibility of image-related security patches alongside standard application news. **Business benefits** - Improved Security Posture: Ensures DevOps and Security teams are immediately alerted to infrastructure-level vulnerabilities and patches. - Streamlined Compliance: Easier tracking and auditing of container image versions through a centralized, standardized feed. - Proactive Maintenance: Reduces the window of exposure by eliminating the need to manually check for image updates. **Documentation** - [Spryker Security RSS Feed](/feed-security.xml) - [Release notes](/docs/about/all/releases/product-and-code-releases.html) Wed, 29 Apr 2026 09:20:10 +0000 https://docs.spryker.com/docs/about/all/releases/release-notes-202602.0.html https://docs.spryker.com/docs/about/all/releases/release-notes-202602.0.html This document tracks Spryker's migration of API-providing modules to the **API Platform** (built on Symfony and the API Platform library). Use it to plan upgrades and check the current status of every module. {% info_block infoBox "Looking for the integration guide?" %} This page does **not** describe how to integrate API Platform into your project. For step-by-step integration instructions, see: - [Migrate to API Platform](/docs/dg/dev/upgrade-and-migrate/migrate-to-api-platform.html) - [Integrate API Platform](/docs/dg/dev/upgrade-and-migrate/integrate-api-platform.html) - [Integrate API Platform security](/docs/dg/dev/upgrade-and-migrate/integrate-api-platform-security.html) - [API Platform architecture](/docs/dg/dev/architecture/api-platform.html) {% endinfo_block %} ## Why Spryker is moving to API Platform API Platform replaces Spryker-specific patterns for routing, authentication, and resource definition with industry-standard Symfony conventions, automatic OpenAPI schema generation, and a clean separation between resource schema, provider, and validation. | Aspect | Previous infrastructure | API Platform | |---|---|---| | Bootstrap | Spryker-specific application bootstrap | Symfony Kernel-based routing | | Resource registration | Manual plugin registration in `GlueApplicationDependencyProvider` | Declarative YAML resource definitions (`*.resource.yml`) | | Authentication | Custom flows per module | Standard OAuth2 / Symfony Security | | Coupling | Tight coupling between resource and routing logic | Clean separation: provider + resource schema + validation | | Testability | Complex to test and extend | Symfony-native, testable with standard PHPUnit patterns | | OpenAPI | Manual / partial | Automatic OpenAPI schema generation | ## General migration workflow For any module marked **Migrated**, projects upgrade in three high-level steps. Detailed instructions are in the linked integration guides above. 1. **Update the module to the API Platform-enabled version** Pull the new module version that ships the `*.resource.yml` schema and Provider class: ```bash composer update spryker/<module-name> ``` 2. **Remove the previous resource plugins** In your project's `GlueApplicationDependencyProvider`, remove the previous plugin registrations for the migrated module - typically a `ResourceRoutePlugin` (and any related `ResourceRelationshipPlugin` / expander plugins) registered in `getResourceRoutePlugins()`. For **extension-only** modules, remove or replace the corresponding plugin wiring in the parent module's dependency provider as indicated in the module's release notes. 3. **Clear caches and verify** ```bash vendor/bin/glue cache:clear vendor/bin/glue api:generate ``` Confirm the endpoint is served by API Platform by hitting it against your local Glue host - the response is now produced by the new Symfony-based stack. {% info_block infoBox "Parallel operation" %} The previous API stack and API Platform run **side by side** during the transition. You can migrate modules incrementally; modules that have not been migrated continue to be served by the previous stack. {% endinfo_block %} ### Status legend | Status | Meaning | |---|---| | Migrated | Module is available on API Platform and production-ready. | | Planned | Module is scheduled or queued for migration to API Platform. | ## Storefront API modules All StorefrontAPI and Extension-only StorefrontAPI modules. Migrated modules are listed first. | Module | Category | Status | Key endpoints | |---|---|---|---| | ContentProductAbstractListsRestApi | StorefrontAPI | Migrated | GET /content-product-abstract-lists/{id}<br>GET /content-product-abstract-lists/{id}/abstract-products | | MerchantProductOffersRestApi | StorefrontAPI | Migrated | GET /concrete-products/{id}/product-offers<br>GET /product-offers/{id} | | ProductAvailabilitiesRestApi | StorefrontAPI | Migrated | GET /abstract-products/{id}/abstract-product-availabilities<br>GET /concrete-products/{id}/concrete-product-availabilities | | ProductOfferAvailabilitiesRestApi | StorefrontAPI | Migrated | GET /product-offers/{id}/product-offer-availabilities | | ProductOfferPricesRestApi | StorefrontAPI | Migrated | GET /product-offers/{id}/product-offer-prices | | ProductPricesRestApi | StorefrontAPI | Migrated | GET /abstract-products/{id}/abstract-product-prices<br>GET /concrete-products/{id}/concrete-product-prices | | ProductTaxSetsRestApi | StorefrontAPI | Migrated | GET /abstract-products/{id}/product-tax-sets | | ProductsRestApi | StorefrontAPI | Migrated | GET /abstract-products/{id}<br>GET /concrete-products/{id} | | StoresApi | StorefrontAPI | Migrated | GET /stores | | AgentAuthRestApi | StorefrontAPI | Planned | POST /agent-access-tokens<br>POST /agent-customer-impersonation-access-tokens<br>GET /agent-customer-search | | AlternativeProductsRestApi | StorefrontAPI | Planned | GET /abstract-products/{id}/related-products<br>GET /concrete-products/{id}/abstract-alternative-products<br>GET /concrete-products/{id}/concrete-alternative-products | | AuthRestApi | StorefrontAPI | Planned | POST /token<br>POST /access-tokens<br>POST /refresh-tokens<br>DELETE /refresh-tokens/{id} | | AvailabilityNotificationsRestApi | StorefrontAPI | Planned | POST /availability-notifications<br>DELETE /availability-notifications/{id}<br>GET /my-availability-notifications<br>GET /customers/{id}/availability-notifications | | CartCodesRestApi | StorefrontAPI | Planned | POST /carts/{id}/cart-codes<br>DELETE /carts/{id}/cart-codes/{id}<br>POST /guest-carts/{id}/cart-codes<br>DELETE /guest-carts/{id}/cart-codes/{id} | | CartPermissionGroupsRestApi | StorefrontAPI | Planned | GET /cart-permission-groups<br>GET /cart-permission-groups/{id} | | CartReorderRestApi | StorefrontAPI | Planned | POST /cart-reorder | | CartsRestApi | StorefrontAPI | Planned | GET,POST /carts<br>GET,PATCH,DELETE /carts/{id}<br>POST /carts/{id}/items<br>PATCH,DELETE /carts/{id}/items/{id}<br>GET /guest-carts<br>GET,PATCH /guest-carts/{id}<br>POST /guest-carts/{id}/guest-cart-items<br>PATCH,DELETE /guest-carts/{id}/guest-cart-items/{id}<br>GET /customers/{id}/carts | | CatalogSearchRestApi | StorefrontAPI | Planned | GET /catalog-search<br>GET /catalog-search-suggestions | | CategoriesRestApi | StorefrontAPI | Planned | GET /category-trees<br>GET /category-nodes/{id} | | CheckoutRestApi | StorefrontAPI | Planned | POST /checkout-data<br>POST /checkout | | CmsPagesRestApi | StorefrontAPI | Planned | GET /cms-pages<br>GET /cms-pages/{id} | | CompaniesRestApi | StorefrontAPI | Planned | GET /companies<br>GET /companies/{id} | | CompanyBusinessUnitAddressesRestApi | StorefrontAPI | Planned | GET /company-business-unit-addresses<br>GET /company-business-unit-addresses/{id} | | CompanyBusinessUnitsRestApi | StorefrontAPI | Planned | GET /company-business-units<br>GET /company-business-units/{id} | | CompanyRolesRestApi | StorefrontAPI | Planned | GET /company-roles<br>GET /company-roles/{id} | | CompanyUserAuthRestApi | StorefrontAPI | Planned | POST /company-user-access-tokens | | CompanyUsersRestApi | StorefrontAPI | Planned | GET /company-users<br>GET /company-users/{id} | | ConfigurableBundleCartsRestApi | StorefrontAPI | Planned | POST /carts/{id}/configured-bundles<br>PATCH,DELETE /carts/{id}/configured-bundles/{id}<br>POST,PATCH,DELETE /guest-carts/{id}/guest-configured-bundles/{id} | | ConfigurableBundlesRestApi | StorefrontAPI | Planned | GET /configurable-bundle-templates<br>GET /configurable-bundle-templates/{id} | | ContentBannersRestApi | StorefrontAPI | Planned | GET /content-banners/{id} | | CustomerAccessRestApi | StorefrontAPI | Planned | GET /customer-access | | CustomersRestApi | StorefrontAPI | Planned | GET,POST /customers<br>GET,PATCH,DELETE /customers/{id}<br>GET,POST /customers/{id}/addresses<br>GET,PATCH,DELETE /customers/{id}/addresses/{id}<br>POST /customer-forgotten-password<br>PATCH /customer-restore-password/{id}<br>PATCH /customer-password/{id}<br>POST /customer-confirmation | | DiscountPromotionsRestApi | Extension-Only-StorefrontAPI | Planned | CartsRestApi, CartCodesRestApi | | DiscountsRestApi | StorefrontAPI | Planned | POST /carts/{id}/vouchers<br>DELETE /carts/{id}/vouchers/{id}<br>POST /guest-carts/{id}/vouchers<br>DELETE /guest-carts/{id}/vouchers/{id} | | EntityTagsRestApi | Extension-only StorefrontAPI | Planned | GlueApplication | | GiftCardsRestApi | Extension-only StorefrontAPI | Planned | GlueApplication | | MerchantCategoriesRestApi | Extension-only StorefrontAPI | Planned | MerchantsRestApi | | MerchantOpeningHoursRestApi | StorefrontAPI | Planned | GET /merchants/{id}/merchant-opening-hours | | MerchantProductOfferServicePointAvailabilitiesRestApi | Extension-only StorefrontAPI | Planned | (transfer-only) | | MerchantProductOfferShoppingListsRestApi | Extension-only StorefrontAPI | Planned | (transfer-only) | | MerchantProductOfferWishlistRestApi | Extension-only StorefrontAPI | Planned | WishlistsRestApi | | MerchantProductShoppingListsRestApi | Extension-only StorefrontAPI | Planned | (transfer-only) | | MerchantProductsRestApi | Extension-only StorefrontAPI | Planned | CartsRestApi | | MerchantRelationshipProductListsRestApi | Extension-only StorefrontAPI | Planned | CustomersRestApi | | MerchantSalesReturnsRestApi | Extension-only StorefrontAPI | Planned | (transfer-only) | | MerchantShipmentsRestApi | Extension-only StorefrontAPI | Planned | ShipmentsRestApi | | MerchantsRestApi | StorefrontAPI | Planned | GET /merchants<br>GET /merchants/{id}<br>GET /merchants/{id}/merchant-addresses | | MultiCartsRestApi | Extension-only StorefrontAPI | Planned | CartsRestApi | | NavigationsRestApi | StorefrontAPI | Planned | GET /navigations/{id} | | OauthApi | StorefrontAPI | Planned | POST /token | | OmsRestApi | Extension-only StorefrontAPI | Planned | OrdersRestApi | | OrderAmendmentsRestApi | Extension-only StorefrontAPI | Planned | OrdersRestApi, CartsRestApi, CartReorderRestApi | | OrderPaymentsRestApi | StorefrontAPI | Planned | POST /order-payments | | OrdersRestApi | StorefrontAPI | Planned | GET /orders<br>GET /orders/{id}<br>GET /customers/{id}/orders | | PaymentsRestApi | StorefrontAPI | Planned | POST /payments<br>POST /payment-cancellations<br>POST /payment-customers | | PriceProductOfferVolumesRestApi | Extension-only StorefrontAPI | Planned | ProductOfferPricesRestApi | | PriceProductVolumesRestApi | Extension-only StorefrontAPI | Planned | ProductPricesRestApi | | ProductAttributesRestApi | StorefrontAPI | Planned | GET /product-management-attributes<br>GET /product-management-attributes/{id} | | ProductBundleCartsRestApi | Extension-only StorefrontAPI | Planned | CartsRestApi, ShipmentsRestApi | | ProductBundlesRestApi | StorefrontAPI | Planned | GET /concrete-products/{id}/bundled-products | | ProductConfigurationShoppingListsRestApi | Extension-only StorefrontAPI | Planned | ShoppingListsRestApi | | ProductConfigurationWishlistsRestApi | Extension-only StorefrontAPI | Planned | WishlistsRestApi | | ProductConfigurationsPriceProductVolumesRestApi | Extension-only StorefrontAPI | Planned | ProductConfigurationsRestApi, ProductConfigurationShoppingListsRestApi, ProductConfigurationWishlistsRestApi | | ProductConfigurationsRestApi | Extension-only StorefrontAPI | Planned | ProductsRestApi, CartsRestApi, OrdersRestApi | | ProductDiscontinuedRestApi | Extension-only StorefrontAPI | Planned | ProductsRestApi | | ProductImageSetsRestApi | StorefrontAPI | Planned | GET /abstract-products/{id}/abstract-product-image-sets<br>GET /concrete-products/{id}/concrete-product-image-sets | | ProductLabelsRestApi | StorefrontAPI | Planned | GET /product-labels/{id} | | ProductMeasurementUnitsRestApi | StorefrontAPI | Planned | GET /product-measurement-units/{id}<br>GET /concrete-products/{id}/sales-units | | ProductOfferSalesRestApi | Extension-only StorefrontAPI | Planned | (transfer-only) | | ProductOfferServicePointAvailabilitiesRestApi | StorefrontAPI | Planned | POST /product-offer-service-point-availabilities | | ProductOfferShoppingListsRestApi | Extension-only StorefrontAPI | Planned | (transfer-only) | | ProductOffersRestApi | Extension-only StorefrontAPI | Planned | ProductsRestApi | | ProductOptionsRestApi | Extension-only StorefrontAPI | Planned | CartsRestApi, OrdersRestApi, ProductsRestApi, QuoteRequestsRestApi | | ProductReviewsRestApi | StorefrontAPI | Planned | GET,POST /abstract-products/{id}/product-reviews<br>GET /abstract-products/{id}/product-reviews/{id} | | QuoteRequestAgentsRestApi | StorefrontAPI | Planned | GET,POST /agent-quote-requests<br>GET,PATCH /agent-quote-requests/{id}<br>POST /agent-quote-requests/{id}/agent-quote-request-cancel<br>POST /agent-quote-requests/{id}/agent-quote-request-revise<br>POST /agent-quote-requests/{id}/agent-quote-request-send-to-customer | | QuoteRequestsRestApi | StorefrontAPI | Planned | GET,POST /quote-requests<br>GET,PATCH /quote-requests/{id}<br>POST /quote-requests/{id}/quote-request-cancel<br>POST /quote-requests/{id}/quote-request-revise<br>POST /quote-requests/{id}/quote-request-send-to-user<br>POST /quote-requests/{id}/quote-request-convert-to-quote | | RelatedProductsRestApi | StorefrontAPI | Planned | GET /abstract-products/{id}/related-products | | SalesOrderThresholdsRestApi | Extension-only StorefrontAPI | Planned | CartsRestApi, CheckoutRestApi | | SalesReturnsRestApi | StorefrontAPI | Planned | GET /return-reasons<br>GET,POST /returns<br>GET /returns/{id} | | SecurityBlockerRestApi | Extension-only StorefrontAPI | Planned | GlueApplication | | ServicePointCartsRestApi | Extension-only StorefrontAPI | Planned | CheckoutRestApi | | ServicePointsRestApi | StorefrontAPI | Planned | GET /service-points<br>GET /service-points/{id}<br>GET /service-points/{id}/service-point-addresses/{id} | | SharedCartsRestApi | StorefrontAPI | Planned | POST /carts/{id}/shared-carts<br>PATCH,DELETE /shared-carts/{id} | | ShipmentTypeProductOfferServicePointAvailabilitiesRestApi | Extension-only StorefrontAPI | Planned | ProductOfferServicePointAvailabilitiesRestApi | | ShipmentTypeServicePointsRestApi | Extension-only StorefrontAPI | Planned | CheckoutRestApi, ShipmentsRestApi, ShipmentTypesRestApi | | ShipmentTypesRestApi | StorefrontAPI | Planned | GET /shipment-types<br>GET /shipment-types/{id} | | ShipmentsRestApi | Extension-only StorefrontAPI | Planned | CheckoutRestApi, OrdersRestApi, QuoteRequestsRestApi | | ShoppingListsRestApi | StorefrontAPI | Planned | GET,POST /shopping-lists<br>GET,PATCH,DELETE /shopping-lists/{id}<br>POST /shopping-lists/{id}/shopping-list-items<br>PATCH,DELETE /shopping-lists/{id}/shopping-list-items/{id} | | TaxAppRestApi | StorefrontAPI | Planned | POST /tax-id-validate | | UpSellingProductsRestApi | StorefrontAPI | Planned | GET /carts/{id}/up-selling-products<br>GET /guest-carts/{id}/up-selling-products | | UrlsRestApi | StorefrontAPI | Planned | GET /url-resolver | | WishlistsRestApi | StorefrontAPI | Planned | GET,POST /wishlists<br>GET,PATCH,DELETE /wishlists/{id}<br>POST /wishlists/{id}/wishlist-items<br>PATCH,DELETE /wishlists/{id}/wishlist-items/{id} | ## Backend API modules All BackendAPI modules tracked in the migration scope. | Module | Category | Status | Key endpoints | |---|---|---|---| | CartNotesBackendApi | Extension-Only BackendAPI | Planned | SalesOrdersBackendApi | | CategoriesBackendApi | BackendAPI | Planned | GET,POST /categories<br>GET,PATCH /categories/{id} | | DynamicEntityBackendApi | BackendAPI | Planned | GET,POST,PATCH,PUT /dynamic-entity/{entity-name} (~62 auto-generated entity endpoints) | | OauthBackendApi | BackendAPI | Planned | POST /token | | PickingListsBackendApi | BackendAPI | Planned | GET /picking-lists<br>GET /picking-lists/{id}<br>PATCH /picking-lists/{id}/picking-list-items/{id}<br>POST /start-picking | | PickingListsUsersBackendApi | Extension-Only BackendAPI | Planned | PickingListsBackendApi | | PickingListsWarehousesBackendApi | Extension-Only BackendAPI | Planned | PickingListsBackendApi | | ProductAttributesBackendApi | BackendAPI | Planned | GET,POST /product-attributes<br>GET,PATCH /product-attributes/{id} | | ProductImageSetsBackendApi | BackendAPI | Planned | GET /concrete-product-image-sets | | ProductPackagingUnitsBackendApi | Extension-Only BackendAPI | Planned | PickingListsBackendApi | | ProductsBackendApi | BackendAPI | Planned | GET,POST /product-abstract<br>DELETE,GET,PATCH /product-abstract/{id} | | PushNotificationsBackendApi | BackendAPI | Planned | GET,POST /push-notification-providers<br>PATCH,DELETE /push-notification-providers/{id}<br>POST /push-notification-subscriptions | | SalesOrdersBackendApi | BackendAPI | Planned | GET /sales-orders | | ServicePointsBackendApi | BackendAPI | Planned | GET,POST /service-points<br>GET,PATCH /service-points/{id}<br>GET,POST /service-point-addresses<br>PATCH /service-points/{id}/service-point-addresses/{id}<br>GET,POST /service-types<br>GET,PATCH /service-types/{id}<br>GET,POST /services<br>GET,PATCH /services/{id} | | ShipmentTypesBackendApi | BackendAPI | Planned | GET,POST /shipment-types<br>GET,PATCH /shipment-types/{id} | | ShipmentsBackendApi | BackendAPI | Planned | GET /sales-shipments | | StoresBackendApi | BackendAPI | Planned | GET,POST,PATCH /stores | | UsersBackendApi | BackendAPI | Planned | GET /users | | WarehouseOauthBackendApi | BackendAPI | Planned | POST /warehouse-tokens | | WarehouseUsersBackendApi | BackendAPI | Planned | GET,POST /warehouse-user-assignments<br>GET,PATCH,DELETE /warehouse-user-assignments/{id} | | WarehousesBackendApi | BackendAPI | Planned | GET /warehouses | Wed, 29 Apr 2026 09:06:59 +0000 https://docs.spryker.com/docs/dg/dev/architecture/api-platform/migrate-to-api-platform-status.html https://docs.spryker.com/docs/dg/dev/architecture/api-platform/migrate-to-api-platform-status.html <div class="content_box"> Spryker's API is a dedicated application layer within the Spryker Cloud Commerce OS. It's designed to provide API endpoints, process requests, and communicate with other parts of the system to manage data. Think of it as the primary interface for any external system, custom frontend, or digital touchpoint that needs to interact with your Spryker-powered commerce platform. Its main purpose is to enable headless commerce strategies, allowing you to build unique customer experiences and integrate seamlessly with a multitude of channels. Spryker's API framework offers the following types of API applications, each tailored for different use cases. </div> <div class="grid_container"> <div class="cst_cards_2"> <div class="cst_card"> <div class="cst_card_title">Storefront API</div> <div class="cst_card_desc">Storefront API is designed for consumers and customer-facing integrations. It's the API layer that powers web shops, mobile apps, marketplaces, and other client-facing systems. It is based on REST API and follows JSON:API conventions. Learn about customer-facing API endpoints for building headless commerce experiences, mobile apps, and custom storefronts.</div> <a class="cst_card_button" href="/docs/integrations/spryker-glue-api/storefront-api/storefront-api.html">Learn more</a> </div> <br> <div class="cst_card"> <div class="cst_card_title">Backend API</div> <div class="cst_card_desc">Backend API is designed for admins and system-to-system communication. Tailored for backend processes, administrative tools, or integrations with enterprise systems, such as ERP or CRM. Technically it is multi-format, but REST API is shipped out-of-the-box. A key advantage is its direct access to Spryker's business logic layer (Facades). Discover administrative API endpoints for system integration, ERP connections, and backend operations with direct facade access.</div> <a class="cst_card_button" href="/docs/integrations/spryker-glue-api/backend-api/backend-api.html">Learn more</a> </div> <br> <div class="cst_card"> <div class="cst_card_title">Spryker API Strategy for 2026</div> <div class="cst_card_desc">Spryker is evolving its API strategy by introducing **API Platform–based integration** as a <b>new, strategic integration layer</b>, while continuing to <b>fully support existing Glue APIs</b>.</div> <a class="cst_card_button" href="/docs/integrations/spryker-glue-api/getting-started-with-apis/api-strategy.html">Learn more</a> </div> </div> </div> Wed, 29 Apr 2026 08:50:59 +0000 https://docs.spryker.com/docs/integrations/spryker-glue-api/getting-started-with-apis/getting-started-with-apis.html https://docs.spryker.com/docs/integrations/spryker-glue-api/getting-started-with-apis/getting-started-with-apis.html <h2 id="overview">Overview</h2> <p>Spryker is introducing <strong>API Platform–based integration</strong> as the strategic integration layer for new features while maintaining full support for existing Glue APIs. This additive approach protects existing implementations, avoids forced migrations, and enables a modern integration foundation for future development.</p> <section class='info-block info-block--warning'><i class='info-block__icon icon-warning'></i><div class='info-block__content'><div class="info-block__title">Important</div> <ul> <li>Existing Glue API implementations remain supported with no End-of-Life planned</li> <li>Migration is optional—customers decide if and when to adopt API Platform integration</li> <li>All existing endpoints and integrations continue to work unchanged</li> </ul> </div></section> <hr /> <h2 id="api-platform-integration">API Platform Integration</h2> <p><a href="/docs/dg/dev/architecture/api-platform.html">API Platform–based integration</a> provides:</p> <ul> <li>contract-first APIs</li> <li>standardized integration patterns</li> <li>enhanced support for large data exchange</li> <li>improved developer experience</li> <li>parallel use with Glue APIs for Storefront and Backend integrations</li> <li>additional media types: application/xml, application/csv, application/json+ld</li> </ul> <h3 id="availability-timeline">Availability Timeline</h3> <ul> <li><strong>Early access:</strong> until end of Q1 2026 <ul> <li>limited support scope</li> <li>native Spryker features (authentication, codebuckets, full JSON:API support) not fully integrated</li> </ul> </li> <li><strong>General Availability:</strong> Apr 30, 2026</li> <li><strong>Migration of Glue Rest API modules to ApiPlatform:</strong> end of Q2 2026 <ul> <li>Status can be checked here <a href="/docs/dg/dev/architecture/api-platform/migrate-to-api-platform-status.html">Migration status - Glue API to API Platform</a></li> </ul> </li> </ul> <hr /> <h2 id="glue-apis-continued-support">Glue APIs: Continued Support</h2> <p>Glue Storefront API and Glue Backend API remain supported, maintained, and secured with:</p> <ul> <li>All existing endpoints preserved</li> <li>Continued bugfixes and security updates</li> <li>Compatibility maintenance</li> <li>No removal of functionality</li> </ul> <h3 id="feature-freeze-q1-2026-onward">Feature Freeze (Q1 2026 onward)</h3> <p>From Q1 2026, Glue APIs enter feature freeze:</p> <ul> <li>New Spryker features use API Platform integration exclusively</li> <li>No new Glue endpoints for new features</li> <li>Existing endpoints receive bugfixes, security updates, and compatibility fixes</li> </ul> <section class='info-block '><i class='info-block__icon icon-info'></i><div class='info-block__content'> <p>Feature freeze means no new functionality—not deprecation or End-of-Life.</p> </div></section> <hr /> <h2 id="comparison">Comparison</h2> <table> <thead> <tr> <th>Topic</th> <th>Glue APIs</th> <th>API Platform Integration</th> </tr> </thead> <tbody> <tr> <td>Existing features</td> <td>Supported</td> <td>Supported</td> </tr> <tr> <td>New Spryker features</td> <td>❌ No new endpoints</td> <td>✅ Default integration</td> </tr> <tr> <td>Forced migration</td> <td>❌ No</td> <td>❌ No</td> </tr> <tr> <td>End-of-Life planned</td> <td>❌ No</td> <td>❌ No</td> </tr> <tr> <td>Bugfixes &amp; security</td> <td>✅ Yes</td> <td>✅ Yes</td> </tr> <tr> <td>Strategic investment</td> <td>Limited</td> <td>Primary focus</td> </tr> </tbody> </table> <hr /> <h2 id="choosing-the-right-integration">Choosing the Right Integration</h2> <h3 id="use-glue-apis-for">Use Glue APIs for</h3> <ul> <li>extending existing projects</li> <li>maintaining current integrations</li> <li>storefront interactions</li> </ul> <h3 id="use-api-platform-integration-for">Use API Platform Integration for</h3> <ul> <li>new integrations (recommended starting 2026)</li> <li>backend system-to-system communication (ERP, PIM, OMS)</li> <li>large dataset exchanges</li> <li>new Spryker features</li> <li>long-term scalability requirements</li> <li>projects requiring specific formats, versioning, or API Platform features</li> </ul> <h3 id="migration-path">Migration Path</h3> <p>Migration from Glue APIs is optional. Consider migrating when:</p> <ul> <li>building new integrations</li> <li>exchanging large datasets</li> <li>integrating external systems (ERP, PIM, OMS)</li> <li>planning long-term platform evolution</li> <li>project requirements align with API Platform features (supported formats, versioning, etc.)</li> </ul> <p>Spryker provides:</p> <ul> <li>documentation of behavioral differences</li> <li>incremental migration support (endpoint-by-endpoint)</li> <li>conversion tools and reference implementations</li> </ul> <hr /> <h2 id="faq">FAQ</h2> <p><strong>Do I have to migrate my existing Glue APIs?</strong><br> No. Migration is optional. Existing Glue APIs remain supported.</p> <p><strong>Will Glue APIs be removed?</strong><br> No. There is no End-of-Life planned.</p> <p><strong>Can I still build custom features using Glue in my project?</strong><br> Yes. You can continue using Glue APIs in your projects. However, new Spryker core features after Q1 2026 will not introduce new Glue endpoints.</p> <p><strong>Is API Platform integration mandatory?</strong><br> No. It is recommended for new integrations, but existing Glue usage remains valid.</p> <p><strong>When should I start using API Platform integration?</strong><br> Early adoption is available during Q1 2026. For new integrations, use API Platform integration from General Availability (Next Product Release) onward.</p> Wed, 29 Apr 2026 08:50:59 +0000 https://docs.spryker.com/docs/integrations/spryker-glue-api/getting-started-with-apis/api-strategy.html https://docs.spryker.com/docs/integrations/spryker-glue-api/getting-started-with-apis/api-strategy.html The **User management (SSO Users)** panel in [CloudHub](/docs/ca/dev/cloud-hub/cloud-hub.html) lets you control infrastructure access and define how team members connect to your environments in a unified and streamlined way while using one user to access everything. You can create, update, and delete SSO users, as well as fine-tune access for each user per service directly through the portal. For more information on what SSO is and what benefits it provides, see [SSO Access](/docs/ca/dev/access/sso-access.html). ## Capabilities - **Identity provisioning:** Create SSO users for specific environments to ensure precise access control. - **Secure connectivity:** Enable or disable VPN access for individual users to secure communications with protected network resources. SSO users also offer a number of options for securing your access from MFA to passwordless. - **User lifecycle management:** Modify existing user configurations or remove users when access is no longer required. ## Available service permissions Users can be assigned very granular permissions for every available application per environment. This means one SSO user can have admin permissions for RabbitMQ on a test environment and viewer permissions for RabbitMQ on a production environment. | Service | Permission | | -------- | -------- | | RabbitMQ | * Admin — Full administrative access with the ability to create and remove queues <br> * Developer — Can view queues, read and publish messages in the queues <br> * Viewer — Read-only access to queues | | Jenkins | * Admin — Full administrative access <br> * Developer — Can build, view, and cancel jobs <br> * Viewer — Read-only access to jobs and builds | | AWS CLI | * BaseRole — Allows access to the specific environment in the AWS Dashboard and AWS CLI <br> * Custom Role — Can be absent, or can be one or more roles composed specifically for the customer that include all permissions of the Base role and additional permissions like DB access | ### Requesting and renewing VPN for your SSO user An SSO user needs VPN to access Jenkins and RabbitMQ. No VPN is required to access AWS Console. To request the VPN for the specific environment, select the VPN option in the SSO user creation or edit form on CloudHub. Depending on whether SSO is enabled for Bastion (which handles VPN connections), you may need to use your SSO user credentials to also log in to the VPN when turning it on. If your VPN configuration has expired, click the **VPN Renew** button next to your user to request a new VPN configuration. ## Credential delivery for new users When a new SSO user is created, credentials and access configuration are delivered securely across two separate emails: 1. **User update email:** You will get an `Action needed: Verify your Spryker SSO account updates` email with the link for account update. Follow this link to set up the password for your new user. 2. **VPN configuration email:** If you selected the VPN checkbox on user creation, or checked it during user edit, the VPN configuration file (OVPN profile) required to connect to the protected network is sent in a separate email. {% info_block infoBox "Security note" %} Keep both emails secure. The link for account update expires in 3 hours. If you did not manage to set up the user password within 3 hours, contact support. {% endinfo_block %} Tue, 28 Apr 2026 13:58:55 +0000 https://docs.spryker.com/docs/ca/dev/cloud-hub/sso-user-management.html https://docs.spryker.com/docs/ca/dev/cloud-hub/sso-user-management.html ## Security benefits of the SSO access From a security perspective, enabling SSO strengthens the existing secure access flow by adding additional protection layers: - Secure VPN access - TLS communication - Various authentication options Users can authenticate through: - **Flexible authentication:** Authenticate users with various mechanisms, including passkey and your own identity provider. - **Two-factor authentication:** Support for passkey, recovery codes and TOTP/HOTP via Google Authenticator or FreeOTP. ## Passkey (WebAuthn authenticator) A passkey is a FIDO authentication credential based on FIDO standards that allows a user to sign in to apps and websites with the same process that they use to unlock their device (biometrics, PIN, or pattern). Passkeys are FIDO cryptographic credentials that are tied to a user's account on a website or application. {% info_block infoBox "Acquiring Passkey limitation" %} This feature is available only for SSO users created via a Self-Service request. Users managed through External IdP connections are not supported. {% endinfo_block %} How to set up a passkey for your SSO user: 1. Click on **Keycloak** service in CloudHub which will lead to the SSO login page. 2. Log in to your Keycloak Account Console. 3. Go to the **Account Security** section. 4. Open **Signing In**. 5. Find the **Passkey** section. 6. Click **Set up passkey**. 7. Follow the browser prompt to create a passkey using your device's supported method (for example, Windows Hello, Touch ID, Face ID, security key). 8. After successful registration, the passkey appears in your list of registered authenticators. ### Authenticate with WebAuthn authenticator After you register your authenticator, signing in is easy: 1. Open the login page and enter your username and password. 2. Your browser will prompt you to verify your identity using your authenticator (for example, fingerprint, face recognition, or security key). ## LoginLess (WebAuthn passwordless) Log in without a username or password. You can sign in using biometric methods (such as fingerprints or facial recognition), FIDO2 security keys (for example, YubiKey), or other compatible authenticators. {% info_block infoBox "Acquiring LoginLess limitation" %} This feature is available only for SSO users created via a Self-Service request. Users managed through External IdP connections are not supported. {% endinfo_block %} 1. Click on **Keycloak** service in CloudHub which will lead to the SSO login page. 2. Log in to your Keycloak Account Console. 3. Go to the **Account Security** section. 4. Open **Signing In**. 5. Find the **Passwordless** section. 6. Click **Set up passkey**. 7. Follow the browser prompt to create a passkey using your device's supported method (for example, Windows Hello, Touch ID, Face ID, security key). 8. After successful registration, the passkey appears in your list of registered authenticators. ### Authenticate with LoginLess (WebAuthn passwordless) If you have set up passwordless WebAuthn, you can sign in to Keycloak without entering a username or password. You will simply confirm your identity using your device (such as fingerprint, face recognition, or a security key). WebAuthn can also be used as an extra security step (two-factor authentication) if enabled for your account: 1. Open the login page. 2. Click **Sign in with Passkey**. 3. Your browser will prompt you to verify your identity using your authenticator (for example, fingerprint, face recognition, or security key). ## Related topics - [User Management SSO](/docs/ca/dev/cloud-hub/sso-user-management.html) Tue, 28 Apr 2026 13:58:55 +0000 https://docs.spryker.com/docs/ca/dev/access/sso-security-options.html https://docs.spryker.com/docs/ca/dev/access/sso-security-options.html ## What is SSO **Single Sign-On (SSO)** is an authentication mechanism that allows users to sign in once and access multiple applications without re-authenticating for each service (RMQ, Jenkins). SSO can be integrated with an external organizational identity provider (IdP), such as a corporate directory service, enabling centralized user management and access control. This approach improves security by reducing password reuse and enhances the user experience by minimizing repeated logins. ## How SSO improves the user experience SSO makes accessing services easier, faster, and more secure by providing: - **Centralized authentication** through your company's identity provider, or via users managed in our identity system - **Fewer passwords to remember**, reducing friction and support overhead - **A faster and smoother login experience** across all connected services - **Simplified user lifecycle management** (onboarding, updates, and offboarding) - **Stronger security and compliance** through consistent authentication policies - **Easy integration for enterprise organizations** that use their own identity provider ## How to access applications with an SSO user You will need an SSO user, [User Management SSO](/docs/ca/dev/cloud-hub/sso-user-management.html) describes how to get one. ### AWS access #### AWS Management Console 1. Click on **AWS Console** service in CloudHub which will lead to the SSO login page. 2. Log in using your SSO user credentials. 3. After successful authentication, you will be redirected to the AWS Management Console with access to your environment services. #### AWS CLI To access AWS services via the AWS CLI with your SSO credentials, see [Connecting to AWS CLI with an SSO user](/docs/ca/dev/access/connecting-to-aws-cli-with-an-sso-user.html). ### VPN access VPN access uses short-lived sessions for improved security. To start a VPN session, you must go through the SSO login process and provide an MFA code. 1. Open your VPN client and initiate a connection to the target environment. 2. When prompted, log in using your SSO user credentials. 3. Provide your MFA code to complete authentication. 4. Once authenticated, the VPN session is established. The session is short-lived and will expire after a period of inactivity or at a set time limit. To reconnect after a session expires, repeat the SSO login and MFA steps. ### RabbitMQ access For RabbitMQ, the user must have VPN enabled for the specific environment they want to access. Once the VPN is enabled: 1. Click on **RabbitMQ** service in CloudHub which will lead to the RabbitMQ login page. 2. Click the **Log in** button. 3. You will be redirected to the SSO login form. 4. Provide your SSO user credentials and log in. If you previously logged in to VPN or any other application in the same browser, for example Jenkins, log in happens automatically, because you are using the same SSO user. ### Jenkins access For Jenkins, the user must have VPN enabled for the specific environment they want to access. Once the VPN is enabled: 1. Click on **Jenkins** service in CloudHub which will lead to the SSO login page. 2. Provide your SSO user credentials and log in. 3. You will be redirected to the Jenkins dashboard. If you previously logged in to VPN or any other application in the same browser, for example RabbitMQ, log in happens automatically, because you are using the same SSO user. ### Keycloak access Keycloak is where you can view and edit your SSO user profile (editing options are limited). 1. Click on **Keycloak** service in CloudHub which will lead to the SSO login page. 2. Provide your SSO user credentials and log in. 3. You will be redirected to Keycloak where you can change your username and password. If you previously logged in to VPN or any other application in the same browser, for example RabbitMQ, log in happens automatically, because you are using the same SSO user. ## External IdP connection As an alternative or additional authentication method, we support connection to external Identity Providers (IdPs) that use SAML or OpenID Connect (OIDC). Benefits of using an external IdP: - You can apply and enforce your own authentication policies. - You can manage user assignments and permissions to all supported services directly through your IdP without creating any Self‑Service requests. - Centralized lifecycle management of users (onboarding/offboarding handled entirely in your IdP). - Stronger security posture through enterprise-grade features such as MFA, conditional access, and device or network policies. - Seamless user experience with a single set of corporate credentials. - Reduced administrative overhead by eliminating duplicate user management. - Better compliance and auditing through centralized identity logs and policies. - Faster and automated access provisioning as your organization scales. - Improved security posture by not storing or processing passwords within our platform. {% info_block infoBox "Acquiring external IdP users limitation" %} Such users **cannot** be created or managed via CloudHub User Management (SSO) page. For configuration details, contact our support team. {% endinfo_block %} ## Next steps - [User Management SSO](/docs/ca/dev/cloud-hub/sso-user-management.html) - [SSO Security Options](/docs/ca/dev/access/sso-security-options.html) - [Connecting to AWS CLI with an SSO user](/docs/ca/dev/access/connecting-to-aws-cli-with-an-sso-user.html) Tue, 28 Apr 2026 13:58:55 +0000 https://docs.spryker.com/docs/ca/dev/access/sso-access.html https://docs.spryker.com/docs/ca/dev/access/sso-access.html