saleor-security
Saleor Security
Before writing code
Fetch live docs:
- Web-search
site:docs.saleor.io authentication JWT tokensfor current JWT authentication flow - Web-search
site:docs.saleor.io apps permissionsfor App token authentication and permission model - Web-search
site:docs.saleor.io OIDC OpenID Connectfor OIDC integration configuration - Web-search
saleor webhook payload signature JWS verificationfor webhook signature verification - Fetch
https://docs.saleor.io/docs/developer/app-store/apps/overviewfor App authentication patterns - Web-search
saleor CORS security headers productionfor CORS and header configuration
JWT Authentication Flow
Saleor uses JSON Web Tokens for staff and customer authentication. Tokens are obtained via GraphQL mutations and passed as Bearer tokens.
Token Lifecycle
More from orcaqubits/agentic-commerce-skills-plugins
magento-performance
Optimize Magento 2 performance — full page cache (Varnish), Redis, indexer tuning, JavaScript/CSS optimization, database optimization, and profiling. Use when diagnosing slow pages, optimizing load times, or configuring caching.
4js-modern
Write modern JavaScript and TypeScript — ES6+ features, async/await, modules, destructuring, optional chaining, TypeScript types, and modern tooling. Use when writing JavaScript/TypeScript for BigCommerce themes, apps, or headless storefronts.
4graphql-dev
Write GraphQL queries, mutations, and subscriptions — fragments, code generation, TypedDocumentNode, variables, error handling, and client setup. Use when writing GraphQL code for Saleor.
4node-backend
Build Node.js backends for BigCommerce apps — Express/Fastify servers, OAuth handling, JWT verification, API proxy, webhook processing, session management, and deployment. Use when building the server-side component of BigCommerce apps.
4magento-service-contracts
Implement Magento 2 service contracts — repository interfaces, data interfaces, SearchCriteria, and the repository pattern. Use when building module APIs, data access layers, or integrating with Magento's Web API.
3magento-plugins-interceptors
Implement Magento 2 plugins (interceptors) — before, after, and around methods for modifying class behavior without inheritance. Use when extending core or third-party module functionality.
3