1. Using Oracle CX Commerce
  2. Configure Internal User Accounts
  3. Create new user profiles

Create new user profiles

One default Administrator profile is included with your Commerce instance, but you can add as many internal user profiles (including administrators) as you need.

Only administrators can create and work with user accounts.

In order to comply with the Payment Card Industry Data Security Standard (PCI DSS), Commerce secures all logins to the administration interface with multi-factor strong authentication. This means that each user must enter their username and password, plus a one-time passcode, each time they log into the administration interface. See Access the Commerce administration interface to learn about setup tasks new users must perform before they can log into the administration interface for the first time.

Administrators do not assign login passwords to user profiles. Once you create a new profile, Commerce sends an email to the address you added to the profile. The email includes a link that the user clicks to set their password. If the link has expired when the user clicks it, Commerce displays a page where the user can request a new link.

The password must be at least eight characters long and contain at least one number, one uppercase letter, and one lowercase letter. It cannot contain the email address and cannot match any of the last four passwords.

In addition, the password is checked against a dictionary of weak passwords that Commerce maintains. If a user attempts to set a password that matches one of the entries in this dictionary, the password is rejected. The dictionary is the same one used for shopper passwords, as described in the Create a shopper profile. Note, however, that additional entries created using the updateRestrictedWords endpoint in the Admin API are applied only to shopper passwords, and not to passwords for internal users.

To create a new user profile, follow these steps:

  1. Click the Settings icon, then select Access Control.
  2. Click New User.
  3. Enter the information that identifies the new user profile. See the table that follows this procedure for information about each field.
  4. Click Save.

The following table describes the properties that identify a Commerce user profile. All properties are required.

Property Description
Email The user’s email address. This functions as the username during login, and is the address where the password link is sent.
User Roles Assign one or more roles to the profile. See Understand roles for more information.
First Name The user’s first name.
Last Name The user’s last name.