Restrict Access to Your Entire Site
You can restrict your entire website to logged-in users only. When you enable restricted access, only registered and logged-in users can view your site's content. You can set up your website to redirect unauthenticated visitors to a login page with a registration link.
You can also restrict access to users who have been granted access by the Site Administrator. This flow is useful in B2B scenarios where you want to provide partners or customers with login credentials.
The CXM API is public and contains all the information exposed by the field set being used. Password protection restricts user access to some or all of your site when enabled. However, users who knows a URL that calls the different APIs can still access some information.
If you're using a pre-Vinson version of SuiteCommerce Advanced, use the second setup procedure.
You can make specific URLs publicly available even with a password-protected site. For details, see Set Public URLs.
To restrict access to your website:
-
Go to Commerce > Websites > Website List.
-
Click Edit next to the website to which you want to restrict access.
-
Go to the Shopping tab and the Registration Page area.
-
Check the Password-protect Entire Site box.
-
Select one of the following options from the Type of Customer Registration list:
-
Existing Customers Only: This option restricts the site to customers with login access to complete the checkout process. This option is only available with the Advanced Site Customization feature.
-
Required: This option restricts the site to registered customers. New customers must register to be able to access the site. This option creates a record in NetSuite with contact information, even if the shopper doesn't complete checkout.
Note:The “optional” and “disabled” site registration options are not available if the site is password protected.
To learn more about customer registration, see Configure Site Registration.
-
To restrict access to your website (pre-Vinson SCA):
-
Go to Commerce > Websites > Website List.
-
Click Edit next to the website to which you want to restrict access.
-
Go to the Shopping tab and the Registration Page area.
-
Select one of the following options from the Type of Customer Registration list:
-
Existing Customers Only: This option restricts the site to customers with login access to complete the checkout process. This option is only available with the Advanced Site Customization feature.
-
Required: This option restricts the site to registered customers. New customers must register to be able to access the site. This option creates a record in NetSuite with contact information, even if the shopper doesn't complete checkout.
Important:The Restrict Access feature won't work if this field is set to Disabled or Optional.
To learn more about customer registration, see Configure Site Registration.
-
-
Create a custom module that includes the backend Configuration object as a dependency. For details, see Configure Properties.
Note:Don't edit the original Configuration.js source file directly. For guidance on customizing JavaSript, see Develop Your SCA Customization.
-
Set the
passwordProtectedSiteproperty to true in your custom module. -
Save your changes and deploy them to your site.
Known Limitations
Before restricting access to your Commerce website, be aware of the following information:
-
After a user's session ends, clicking an item's Quick View link redirects them to the Checkout page, not the Login page. However, the user can't access the site without logging in.
-
When a user changes languages on a password-protected site, the application recognizes the new domain and prompts them to log in again.
-
When you enable password protection, it restricts access to some or all of your site. However, users who knows a URL that calls the CXM Service API can still access some information.