Skip to main content
TrustStatus
SLAS Release
SLAS Service US-East-1 | Commerce Cloud Services US
Maintenance Information
ID# 720448
Status
Resolved
Impacted Instances
Impacted Services
SLAS Service US-East-1
Type
Scheduled Maintenance
Availability
This instance will generally be available during this maintenance window.
Planned Start Time
9:00 pm GMT, Feb 03
End Time
6:59 pm GMT, Feb 04
(Planned End Time6:00 pm GMT, Feb 04)
Duration
19 hours, 3 minutes
Maintenance History
Maintenance Ended
6:59 pm GMT, Feb 04
Duration1 minute
Posted 6:55 pm GMT, Feb 04 2025
Maintenance Began
6:58 pm GMT, Feb 04
Routing traffic incrementally from Canary to Primary
Posted 6:55 pm GMT, Feb 04 2025
Maintenance Ended
6:56 pm GMT, Feb 04
Duration1 minute, 1 second
Posted 6:55 pm GMT, Feb 04 2025
Maintenance Began
6:55 pm GMT, Feb 04
Release deployed to Primary
Posted 6:55 pm GMT, Feb 04 2025
Maintenance Ended
6:32 pm GMT, Feb 04
Duration19 hours
Posted 11:32 pm GMT, Feb 03 2025
Maintenance Began
11:32 pm GMT, Feb 03
Routing incremental traffic from Primary to Canary
Posted 11:32 pm GMT, Feb 03 2025
Maintenance Ended
11:21 pm GMT, Feb 03
Duration1 minute, 1 second
Posted 11:20 pm GMT, Feb 03 2025
Maintenance Began
11:20 pm GMT, Feb 03
The release is being deployed to canary
Posted 11:20 pm GMT, Feb 03 2025
Scheduled
The following is included in this update: * SLAS 4xx Logs are now available in Log Center. Log information includes the correlationID, which you can use for end-to-end request tracking. * SLAS now supports custom query parameters for the /loginendpoint. * SLAS now supports merging claims for Azure IDP. * The SLAS PasswordResetflow no longer requires PKCE. You can now make password reset requests using the new, optional `hint` query parameter instead of a Proof Key for Code Exchange (PKCE) `code_challenge` and `code_verifier`. For details, see Password Reset. * Fixed a /userinfo endpoint bug related to using a Google IDP. * Fixed a bug related to password reset support across different devices. * Improved error handling and validation to return more meaningful error messages for Auth0 IDP. * The channel_id (site) parameter is now required when requesting a guest access token with a grant_type of client_credentials. This change enhances security by preventing unauthorized access across different storefronts. Existing customers must update their implementation to include the channel_id parameter in the client credential call in guest flows. For details, see Guest Tokens. * The original schedule was 09/01/2024 for all sandbox tenants and 10/01/2024 for all other non-production tenants. We will now implement this change for all non-production tenants starting 02/10/2025. * As of 2/10/25, we are now strictly enforcing the documented rate limit of 25 requests per minute (RPM) for the /jwks endpoint. * In preparation for the removal of the SLAS_ORGANIZATION_ADMIN (Account Manager API-Client) and SLAS_TRUSTED_AGENT_READ_ONLY (Account Manager User) Account Manager roles, these roles were removed from the SLAS code base. Because these roles were never made available for SLAS production use, no customer impact is anticipated. * Additional performance improvements included.
Posted 9:00 pm GMT, Feb 03 2025 · Last updated 11:41 pm GMT, Feb 04 2025