Area: Episerver Commerce
Applies to versions: 10 and higher
Other versions:


This topic describes the Customer Management system, a central component that lets you add organizations, contacts, and Commerce Manager users. From Customer Management, you also can create purchase orders for each customer account.

The following image illustrates the Customer Management system and the relationship among the various objects. You can create different types of relationships between Business Foundation (BF) objects. See Meta-class references


  • Organization. Group or sub-group of contacts.
  • Contact. Individual with a set of personalized information (name, address, email, and so on). A contact can be a customer or a user with Commerce Manager permissions to manage one or more systems.
  • Commerce Manager User. User with an assigned role that provides access to the Commerce Manager site.

Classes in this topic are available in the following namespaces:

  • Mediachase.BusinessFoundation.Data.Business
  • Mediachase.Commerce.Customers
  • Mediachase.BusinessFoundation.Data.Business
  • Mediachase.Commerce.Security

Customer groups

Customer groups target multiple Customers and Organizations for pricing and promotions. Both the Customer and the Organization expose their own CustomerGroup information, and the Customer has a derived property, called EffectiveCustomerGroup, that combines the two with the priority on the Organization value. See Customer Groups.

EffectiveCustomerGroup is used in pricing and promotions instead of the regular CustomerGroup. The EffectiveCustomerGroup returns the CustomerGroup of the parent Organization, if the CustomerContact belongs to a parent Organization that belongs to a CustomerGroup. Otherwise, EffectiveCustomerGroup returns its own group.

Child organizations

Use EntityObject to access an organization's child organizations, a core BF object. The EntityObject is an important base class for CustomerContact, Organization, and any custom business objects you create. EntityObject has only a PrimaryKeyId property to retrieve the full organization object from the CustomerContext singleton.

Security fundamentals


  • Primary mechanism for configuring authorization.
  • Stand-alone method of providing an authorization scheme.
  • Configured through the Commerce Manager GUI.
  • Role names are hard-coded strings, meaning that code using roles for authorization needs to have semantic knowledge of the role meaning.
  • Each role can have associated permissions.


  • Allow for more complex roles.
  • Usage is primarily designed for the Commerce Manager UI.
  • Commerce Manager has no UI to create, edit, or delete custom permissions. You must do this manually.

Note: The permissions infrastructure allows for more complex permission management. However, work is required to implement a custom security system with roles, permission hierarchies, and logic.

Security API

  • The CustomerProfile class extends the System.Web.Security.CurrentUserProfile and contains login information.
  • The State property indicates whether a user is logged in.
  • The SecurityContext singleton contains methods to check the roles and permissions associated with a user.
  • Permissions are used heavily in the Commerce Manager to distinguish complex rights and to lock down a view in the catalog system to be read-only for some users while giving write access to admin users.


Last updated: Oct 24, 2016