Search for existing answers to your product and support questions.
Familiarize yourself with our support site and learn best practices in working with our team.
Manage Service Requests, View and update service requests submitted by you and others in your organization.
Submit a new issue to our technical support team.
Oracle B2C Service insights from our Technical Support team subject matter experts
Browse resources to assist you in launching your implementation and ensure a successful go-live.
Access your OCI account.
Find product documentation for supported versions of B2C and documentation libraries for related service solutions.
You will have the tools to improve your customers' experience when you learn about all the things our products can do.
Find links for API documentation, Custom Processes, Customer Portal, and Agent Browser UI Extensibility Framework.
Explore how accelerators are designed to demonstrate how an integration scenario could be built using the public integration and extension capabilities of the Oracle B2C Service.
Prepare for a successful transition by reviewing upcoming release changes and enhancements.
Explore webinars, events, and feature kits to learn about B2C Service features, functionality, and best practices from the technical experts.
Oracle MyLearn offers a portfolio of free and paid subscription-based learning resources to help you gain valuable skills, accelerate cloud adoption, increase productivity, and transform your business.
Empower your team with the skills to implement, configure, manage, and use your applications with Customer Experience Cloud Training.
Our goal is to facilitate a friendly, supportive environment where members can easily collaborate with each other on solutions and best practices.
Ask and answer questions specific to B2C.
This is an exciting resource intended to help with your Oracle Service Cloud Analytics.
Share product improvement ideas and enhancement requests with Oracle Development, while collaborating with other Oracle customers and partners.
Update your phone number, email notification preferences, and severity 1 and severity 2 contact preferences.
View the contact managers within your organization.
Find contact information of the Technical Account Manager (TAM) and Client Success Manager (CSM) for your organization.
What is HSTS, and how do we enable it for our site?
Environment:
HSTS (HTTP Strict Transport Security)Oracle B2C Service, All supported versionsSites that use custom domain SSL
Issue:
We are interested in learning about HSTS (HTTP Strict Transport Security), and/or would like to have it enabled for our site.
Resolution:
HSTS stands for HTTP Strict Transport Security, and helps to further protect websites from malicious activity by requiring the use of HTTPS only through various means, for all transactions between the client device and our servers. This will apply to your end-user's experience on your customer portal as well as to your agents' instances of the admin console. HSTS is useful in helping to prevent downgrade attacks and cookie hijacking by imposing strict browsing requirements to client devices.
The 'preload' option can be employed too, which tells major browsers to include your custom domain in their published releases, further enhancing security by ensuring that the parent domain has been validated by Mozilla Firefox, Microsoft IE/Edge, Google Chrome, etc. Once the domain is submitted to be included in the preload list, the change cannot be reversed by Oracle.
If you are interested in enabling HSTS for your B2C Service instance, please submit a ticket to Technical Support. While parameters can be added to the strict transport security header for custhelp.com domains, in order to make complete use of those parameters you must have your own custom domain in place for the relevant interface, and ensure that your internal network is properly set up for SSL only.