Adobe Commerce Connector - Core Authentication & Webhook Infrastructure
Essential knowledge
Intended Audience:
Business User
Author:
Fluent Commerce
Changed on:
17 June 2026
Overview
Establishes the foundational security mechanisms, credential mapping strategies, and inbound validation rules required to securely pass transactional payloads between Adobe Commerce and Fluent Commerce:- Safeguards multi-retailer setups by auto-mapping Adobe website scopes to isolated Fluent credentials.
- Speeds up extensions via a unified API layer and an easily modifiable webhook validation chain (
`di.xml`). - Webhooks require a strict 3-step signature and data check. Because all modules rely on this, any configuration issue breaks the entire integration.
Key points
- Core Foundation & Outcome: You will learn how the General module acts as the integration's architectural backbone, housing all shared utilities, services, and core API authentication layers that every other module fundamentally depends on.
- Scoped Multi-Retailer Support: If you skip the text, you must know that credentials are completely isolated per website scope, allowing each distinct Adobe Commerce website to map to and authenticate with its own specific Fluent retailer configuration.
- Global Webhook Validation: All incoming webhooks share a centralized, 3-step validation chain (
`MessageValidatorChain`) configured via`di.xml`that automatically enforces field presence, entity types, and security signature integrity. - System-Wide Dependency Risk: Because this module manages the single point of truth for global communication and data validation, any misconfiguration or failure here will break the entire integration ecosystem.
Fluent Authentication
This component provides backend services that handle programmatic authentication with Fluent Commerce using retailer credentials configured directly within an Adobe Commerce website configuration.
Data Routing Architecture
- Context Resolution: When an operational payload (such as an order export) triggers, the connector identifies the originating Adobe Commerce website.
- Credential Lookup: The system retrieves the precise Fluent API credentials bound to that specific website's store settings.
- Tenant Isolation: The connector authenticates directly against the corresponding, isolated Fluent retailer account.
- Execution Boundary: Once authentication is successfully established against the target Fluent retailer, the data payload safely pushes to Fluent Commerce.
The Message Validator Chain
The base integration provides a standardized set of validators operating in a sequential chain. This infrastructure layer is located at:`FluentConnector\General\Api\WebHook\MessageValidatorChain`The core framework executes three fundamental compliance checks on every inbound payload:- Structural Verification: Inspects the request to confirm all required properties are present and valid.
- Entity Type Matching: Validates that the inbound target corresponds with expected system configurations (e.g.,
`ORDER`). - Cryptographic Signature Validation: Evaluates the incoming message signature to verify the request genuinely originated from Fluent Commerce and that its content was not modified in transit.
Component Dependency Injection
All primary configurations and components of this validator chain are declared in the native Adobe Commerce dependency injection file (`di.xml`) of the general connector framework. This decoupled design ensures technical implementation teams can easily modify, extend, or override the validation sequence to accommodate unique security parameters.
