Restrict Access to Your Entire Site
You can restrict your entire website to logged-in users only.
If restricted access is enabled, only registered and logged-in users can see the contents of your site. You can configure your website to redirect unauthenticated visitors to a login page with a link to a registration form.
You can also restrict access to users who have been granted access by the Site Administrator. This flow is particularly useful in a B2B scenario where your organization wants to provide partners or customers with login credentials.
The CXM Service API is public and contains all the information exposed by the fieldset being used. Enabling password protection restricts users from accessing some or all of your site. However, a user who knows a URL that calls this API could access some of this information.
If your site uses a pre-Vinson version of SuiteCommerce Advanced, use the second of the two following setup procedures.
You can configure certain URLs to be publicly available even though your site is password protected. See Set Public URLs.
To restrict access to your website:
-
In NetSuite, go to Commerce > Websites > Website List.
-
Click Edit next to the website to which you want to restrict access.
-
Go to the Shopping tab and the Registration Page area.
-
Check the Password-protect Entire Site box.
-
From the Type of Customer Registration list, select one of the following:
-
Existing Customers Only – This restricts the site to customers who have login access to complete the checkout process. This option is only available with the Advanced Site Customization feature.
-
Required – This restricts the site to registered customers. New customers must register to be able to access the site. With this option, a record is created in NetSuite with contact information even if the shopper does not complete checkout.
Note:The “optional” and “disabled” site registration options are not available if the site is password protected.
For more information about customer registration, see Configure Site Registration.
-
To restrict access to your website (pre-Vinson SCA):
-
In NetSuite, go to Commerce > Websites > Website List.
-
Click Edit next to the website to which you want to restrict access.
-
Go to the Shopping tab and the Registration Page area.
-
From the Type of Customer Registration list, select one of the following:
-
Existing Customers Only – This restricts the site to customers who have login access to complete the checkout process. This option is only available with the Advanced Site Customization feature.
-
Required – This restricts the site to registered customers. New customers must register to be able to access the site. With this option, a record is created in NetSuite with contact information even if the shopper does not complete checkout.
Important:If this field is set to Disabled or Optional, the Restrict Access feature will not work.
For more information about customer registration, see Configure Site Registration.
-
-
Create a custom module that includes the backend Configuration object as a dependency. See Configure Properties for details.
Note:Do not edit the original Configuration.js source file directly. See Develop Your SCA Customization for information and best practices on customizing JavaScript.
-
Update the
passwordProtectedSiteproperty in the custom module to true. -
Save and deploy to your site.
Known Limitations
Before restricting access to your Commerce website, be aware of the following information:
-
When a user clicks on an item’s Quick View link after their session has ended, Commerce web stores redirect the user to the Checkout page instead of a Login page. The user cannot access the site, however, without logging in.
-
If a user changes the language after logging in to a password-protected site, the application recognizes the new domain and redirects the user to log in again.
-
Enabling password protection restricts users from accessing some or all of your site. However, a user who knows a URL that calls the CXM Service API could access some of this information.