The main focus of this release was Storefront API redesign and Mobile Starter kit.

Mobile Starter kit

Check out our new Mobile Starter kit for developing e-commerce apps using VirtoCommerce API. It is developed using Ionic Framework, AngularJS and Cordova:

The VirtoCommerce Mobile Starter kit is currently available to partners and customers only. Contact us for more info on how to get the kit:

A preconfigured Mobile Starter kit app is already publicly available. Check for instructions at Mobile Starter app page.

Storefront API

A new storefront API layer was defined. Create new point of sale applications in any environment or technology and exchange the data in Json format:

Currently web Storefront and Mobile Starter kit utilize this common API. The existing Storefront controllers were significantly refactored in favor of the new API.

Login on behalf

A VirtoCommerce Manager user (operator) possessing a store:loginOnBehalf permission can sign in to Storefront on behalf of a customer and do everything the customer can.

Login on behalf button was added to the customer account management toolbar. Click to open a special Storefront page for logging in as a selected customer:

Operator should enter his own credentials and get signed in as a customer:

This “Logged in on behalf of” fact is indicated in the upper right corner. Customer in this case is the first name of the customer:

Information about the operator is stored in the authentication cookie and saved to the appropriate (CreatedBy, ModifiedBy) database fields later.

Order created by operator on behalf of Customer

Stores trusted relationships

Previously all stores were sharing security accounts and each registered user could login to any store. In version 2.8 we changed this behaviour - stores trusted relationships were added. This enables more flexible control and access management for stores.

By default a store is not sharing security accounts, meaning that all accounts that were registered in it can login to that store only. But you can change this behavior by adding trusted relationship links to other stores. That means that all accounts registered in this store can also login to other store(s).


We have two stores: Electronics and Clothing. We want users of Electronics store to be able to login to **Clothing **(but not vice versa). We do it by adding **Clothing **to linked stores list of **Electronics **store:

Now you can extend your site menu links by adding association to existing product or category:

Then you can use associated product or category object in your storefront theme:

Showing menu items with category image:

Menus decorated with images from associated categories

Product cloning

Now you can make copy of a product record with all related objects (variations, properties, descriptions, etc.)

Open Storefront store from manager

Operator can now navigate quickly to the store in Storefront from the currently viewed store in Manager:

Platform API changes

New methods

POST /api/platform/assets/localstorage This method is used to upload files on local disk storage in a special uploads folder

GET /api/stores//accounts//loginonbehalf Check if given account has login on behalf permission

GET /api/stores/allowed/ Returns list of stores which user can login to

Changed methods

GET /api/contacts/ - added new property Contact.SecurityAccounts. Returns all security account’s logins associated with this member.

GET /api/storefront/security/user/id/

GET /api/storefront/security/user/name/

GET /api/storefront/security/user/external - Changed response type to StorefrontUser with new property AllowedStores (Array[string], optional): List of stores which user can login to.