157 results found
-
Add the ability to grant impersonate permissions to custom roles
I want to be able to create a custom role for the admin console users that while given limited permissions through the Application Dictionnary would also be granted the ability to impersonate website users. Currently, the impersonate feature is limited to 4 roles: ISCSystem, ISCImplementer, ISCAdmin, ISCUser. Being able to customize the CanCurrentUserImpersonateAnotherUser method used by the AccountController would give more flexibility.
6 votesOur development team is currently working on this item, and it’s likely to be added to the roadmap soon - pending any technical challenges
-
Add Custom Field Names as Filter and Column in Customer Selection Pop-up (Admin Console)
We would like to request an enhancement to the Customer Selection pop-up within the Admin Console—specifically when assigning customers to users. This is for the Configured Commerce product.
Current Behavior:
Currently, the Customer Selection interface only allows filtering and viewing based on standard fields (e.g., customer name, ID, etc.). Custom fields that have been defined are not available as filter options or visible columns in the selection grid.Requested Enhancement:
Add the ability to filter by custom field values in the Customer Selection pop-up.
Add the option to include custom fields as visible columns in the grid view to aid…
4 votesThank you for submitting this request! Our team is currently reviewing if and how we may implement this enhancement to filtering within the Admin Console, particularly with consideration of our wide client base. We will update this ticket once we have completed this investigation.
-
Fraud prevention
We are working to resolve ongoing issues with fraudulent ecommerce orders. Frequently, bots have placed orders using stolen credit card information with valid bill-to addresses but random ship-to addresses. Unfortunately, these orders were shipped before we received dispute requests, which forced us to issue credits to customers and resulted in unrecoverable product losses.
We attempted to implement the DataDome solution; however, it was not compatible with Optimizely. I also understand that Optimizely currently uses the Spreedly gateway for credit card processing, and I’m aware that Spreedly provides a fraud prevention solution that is not included with Optimizely.
Could you please…
4 votes -
Request for an out of the box configuration setting for when sessions are fully expired
Request for an out of the box configuration setting for when sessions are fully expired:
• Session Expiration and let the client decide if they would like to redirect to Session Expired Page, or use Overlay with Session Expired Modal on same page.
• In this setting we could also provide additional sub-setting with ability to enable a session expiration warning (admin can set the number of minutes)Incomplete Client-Side Inactivity Timeout: We have two different issues with this vulnerability,
• If a customer steps away from their system without an automatic logout after a period of inactivity, there is…6 votes -
Export product list from a category
In PIM: I want to export all products that are assigned in a certain category. For example, I have category A with 300 products, and I want to export these 300 products in category A. As for now, when I'm in category A in PIM and click on "products" I get the listed products assigned to category A, BUT I can't export them in a excel list or other files types.
2 votes -
Better extensibility options for Search V2 Indexing
We have a requirement on our project that requires us to change the behavior of the search indexing v2. In trying to do so, our development team ran into an issue where the class we needed to extend was not extensible (internal, sealed, or non overrideable methods).
Basically what we are trying to do is remove the condition that excludes child products when fetching indexable products that is in line 896 of class Insite.Search.Shared.DocumentTypes.Product.Index.SearchV2.Models.Product (this is in version 5.2.2412.1705)
What we would like to see changed is:
1 - Make the SearchV2.Models.Product public instead of internal and remove the sealed…
7 votes -
Allow Commerce Search v3 for Local Development
Local debugging for Commerce Search v3 is currently unavailable, and renders the site completely unusable. This is, to put it bluntly, absolutely unacceptable. As far as I can tell, the only workaround presently is to switch to Search v2 for local development. At very least, there should be a way to have the system default to Search v2 when working locally, regardless of what is configured.
1 voteI can confirm that currently Commerce Search v3 does not support Local Development.
- Until local support is available, partners are currently working from Sandbox environments or if working on non search related activities they may be switching to alternative provider while working locally.
While the suggestion to automatically fallback to Search v2 during local development is technically possible, it would mask actual system behavior and could lead to incorrect assumptions, missed issues, or inconsistent environment (sandbox vs local). For that reason, we are unlikely going to implement an automatic fallback to alternative search provider and switching search providers will remain a manual action at this time.
- We fully understand your frustration, and how the inability to debug or run the site locally with Search v3 enabled is a significant disruption.
- We are actively evaluating options to enable limited local development against sandbox instances, and work is underway to determine…
-
Optimize Wishlist Updates: Refresh Line Item Only, Not Entire Page
Optimize Wishlist Updates: Refresh Line Item Only, Not Entire Page.
Current Behavior (for customers using live inventory and price via API):
In Configured Commerce, when a user updates a product within a list or quote (e.g., changing quantity or removing an item), the entire list page refreshes. This results in longer load times and a less efficient experience, particularly for large lists.Requested Enhancement:
Modify list/quote functionality so that updates apply only to the specific line item being changed, rather than forcing a full list refresh (must also adjust the product total). Ideally, this would be handled via an asynchronous…2 votesThank you for submitting this request! Currently in order to handle the complexity of keeping the data consistency between the My List Details and My Lists Page(s) across the wide customer base we require resetting the state after updates on the line item(s) within Lists.
While we do not have any changes planned to alter this behavior on base please feel free to continue sharing feedback and impact.
-
Send order confirmation as pdf attachment
Our customers want to receive their order confirmations as a PDF attachment. Many still want to print them, attach a digital copy to their ERP, or save a digital copy. PDF's make this much easier.
Many won't order online since they don't like the order confirmations. Others require us to manually send a PDF version out of our ERP after they have placed their order.
2 votesThank you for submitting this request! Our team is currently reviewing this feature, particularly with consideration of our wide client base. We will update this ticket once we have completed this investigation.
-
Order checkout rules
We received requests from several customers that their business required users to fulfill certain conditions before they can checkout. For example:
- Minimum order amount.
- Shipping carrier is required.Please implement the capability of creating checkout rules to provide customers with controls over their incoming orders.
2 votesThank you for submitting this request! We have added this item to our backlog for future consideration and prioritization.
If there are more details regarding the desired experience for these storefront customers who do not meet the rules that would also be appreciated.
Would there be a goal to encourage users to shop their MyLists or have selection of recommended products for example or would the desire be to simply disable the ability to checkout with appropriate messaging as to the rule that needs to be met to continue?
-
HTTP Security header support
We need the Optimizely platform to support the following HTTP security response headers:
-Permissions-Policy
-Content-Security-Policy
These headers are essential for instructing browsers on how to handle website content securely. They enhance overall security by enforcing specific rules, such as preventing cross-site scripting (XSS) and clickjacking attacks.
Our cybersecurity provider is now requiring that these policies be implemented on all public-facing web servers. As such, support for these headers is a critical requirement moving forward.
Please advise on the platform’s capability to support and configure these headers.
2 votesThis change request would increase the risk of site failures occurring if the CSP/header size is too large and require detailed review to help ensure proper guardrails exist.
We have added this item to our backlog for future consideration and prioritization.
-
Reintroduce or Provide Alternative Method to Restrict Access to the Admin Console in Configured Commerce (V3)
As part of our recent internal security audit, we identified a vulnerability related to unrestricted access to the Optimizely Configured Commerce Admin Console.
In the legacy V1 architecture, administrators could restrict Admin Console access by domain or IP range using configuration updates (as described in the Optimizely documentation: https://docs.developers.optimizely.com/configured-commerce/docs/restricting-access-to-admin). However, in the V3 architecture, this capability is no longer supported or configurable within the managed environment.
Our support engagement (Ticket #1788512) confirmed that this feature was not migrated to V3 due to complications with the impersonation feature and has since been deprecated. As a result, customers currently have no…
1 vote -
Disable Weak TLS Cipher Suites (CBC-mode Ciphers) in Managed Commerce Environments
As part of a recent internal and third-party security assessment (conducted by Optiv Security), our organization identified that our Optimizely Configured Commerce production environment (www.whitecap.com) currently supports weak TLS cipher suites, including CBC-mode ciphers.
These ciphers are considered outdated and potentially vulnerable to known cryptographic attacks (e.g., Lucky 13 and BEAST). Security best practices and compliance frameworks (such as PCI DSS, NIST SP 800-52r2, and OWASP guidelines) recommend disabling weak or deprecated cipher suites and enforcing stronger ones such as AES-GCM or CHACHA20_POLY1305 with TLS 1.2+ only.
During our support engagement (Ticket #1789304), the SRE team confirmed that…
1 vote -
Add start and end date to marketing lists
As a marketing user on Hero Tools, I would like to expose the next month's campaign products as a "Marketing List" for all customers. I want the list to show the first day in the month, and be available for the whole month.
Right now; I have to create the list at the right time at the start of the month, I cannot publish it the week before the start of the new month, and if I forget to delete it at the end, it will still show the following month.
Each marketing list should have a start date (with…
3 votesThank you for submitting this request! We have added this item to our backlog for future consideration and prioritization.
-
Have the ability to create Variants based on Product Lines the same way we have the ability to create Variants based on Product Category
Have the ability to create CMS Variants based on Product Lines the same way we have the ability to create CMS Variants based on Product Category - See Ticket #1647681
2 votesThank you for submitting this request! We have added this item to our backlog for future consideration and prioritization.
-
Order Status not showing product images
We are configuring Product Restrictions on a new site and found that Order Status and Order History detail pages do not show product images if the product is restricted. This leaves a block of white space on line items and it looks incomplete to the user.
We would like to override this behavior, or have an Admin Console setting option to do so.2 votesThank you for submitting this request! Our team is currently reviewing this particularly with consideration of our wide client base. We will update this ticket once we have completed this investigation.
-
Rename Pages in Content Admin Tree
I would like the ability to rename the Page Title that shows in the Tree of the Content Admin.
2 votesWhile we do show the 'Page Title' and 'URL Segment' when editing a existing page these values are not used within the display of the page tree. Instead there is an internal page "Name" which is not shown anywhere except the page tree and the only way to adjust currently would be to delete the entire page and make a new one.
We may consider this in the future based on impact and business needs of our customers, but this is not a small effort change and will require prioritization with other roadmap items.
Please continue to share feedback and impact so that we may consider this in the future.
-
Spire CMS - Identifying widgets missing content in current language
In the Classic CMS, we were able to see a warning or indication style on widgets that did not have content in the current language. However, in Spire CMS, this visual indicator does not seem to be available.
We would like a way to clearly identify in Spire CMS which widgets have been localized to the current language and which have not, similar to the warning indication available in Classic CMS.
2 votes -
PIM - History details not shown for latest changes on produts
I'm not able to see the latest change history details for some products.
There are two panels with history lists, one to the left and one in the middle under the "history" tab.The list to the left only shows the latest change on the products but I'm not able to click on it to see the actual change that has been made. I can only see the product status and the date of the change.
On the other hand, the history list in the middle has a drop down where I can click on the different history versions and…
0 votes -
Proactive Site Monitoring
Opti should provide proactive site monitoring to its configured commerce customers. Customer should received an alert from Opti about server errors, hosting issues, site restarts, etc. As hosting provider, Opti should support the platform from this perspective and not be reliant on Partners or the Customers to address these types of errors.
9 votes
- Don't see your idea?