Release notes

• Next.js has released version 15.2.3 to address a security vulnerability. Due to this CVE in previous versions, we recommend that developers upgrade to the latest version based on the guidance in Next.js’s official blog post here.

• As Catalyst is based on Next.js, this CVE affects all versions of Catalyst. We have released new versions of Catalyst with the latest version of Next.js to address the issue, but you can also trivially upgrade Next.js in your own Catalyst application by following the directions in the blog post.

B2B Updates

• Company Account Hierarchies - Now enabled by default for all new B2B Edition stores.

• Create a Quote Form - Added price validation to storefront quote creation, preventing invalid prices from being passed from the storefront. Custom prices remain allowed via the server-to-server endpoint.

Pricing Update

• Cursor Pagination - Now available for the Price list, Price list records, and Price list assignments endpoints. This update enhances navigation performance and supports large customer datasets.

Checkout Update

• Installing an Open Source Checkout - Updated documentation to reference the new PCI DSS 4.0 development guide and improve clarity for developers.

Currencies Updates

• Update a Currency - Removed required request body fields from this endpoint.

• Currencies Endpoints - Corrected to accurately reflect current behavior.

Enhancements & Fixes

• Carts - Updated theme names in the Carts V3 gift certificate array.

• Themes -

  • Removed references to Blueprint in the Bluecheck and Rebilia apps, as these apps are deprecated.

  • Fixed config.json rendering issues.

• Channels - Added a best practice for managing channels and their DNS in the Creating Channels article.

GraphQL API Update

• New Article: Best Practices for Using GraphQL APIs - Introduced a new guide to help merchants optimize store stability and performance when working with GraphQL APIs.

Catalyst Update

• Language selection in CLI - The Catalyst CLI now supports language selection. See Configuring language settings using the CLI for setup instructions.

Currencies Update

• Terminology Change: “Active currency” - Replaced “display currency” with “active currency” for consistency across the platform and updated the description for clarity.

B2B Update

• Improved navigation - Updated navigation items and links related to B2B Edition authentication to enhance readability and usability.

Orders Update

• Order Taxes API Enhancements -

  • Corrected the default value for the details request parameters.

  • Added default values for offset-based pagination parameters in the Get all order taxes endpoint to improve consistency and ease of use.

Checkout Updates

• New developer guide - Added a developer guide to assist in setting up PCI DSS 4.0 Section 6.4.3-compliant features for configuring open checkout, including step-by-step instructions and troubleshooting tips.

  

Webhook Updates

• Google Cloud Platform Pub/Sub Webhooks - Integration between Google Pub/Sub and BigCommerce is now generally available. This integration allows businesses to connect their BigCommerce store with Google's messaging service. Merchants can exchange event data such as order status, inventory changes, or customer events between distributed systems. For detailed setup instructions, prerequisites, and example use cases, refer to the Google Cloud Platform Pub/Sub Webhooks Overview.

  

B2B Updates

• Account Hierarchies - B2B now supports parent/child relationships between companies and company hierarchy trees, enabling inherited permission dependencies to enhance the customer experience.

• Company endpoints - We’ve enhanced the B2B Edition Company endpoints with additional details, including expanded descriptions of each endpoint, its parameters, queries, and fields. These improvements aim to provide better functionality for managing companies within B2B Edition.

Unified Billing Updates

• Example queries and mutations - Updated references of entityId to id to ensure consistency across the platform.

• Postman collection - Released a new Unified Billing postman collection, providing the latest API examples and configuration updates.

Enhancements & Fixes

• Locales configuration - Fixed the GraphQL Admin API link in Example requests of the Locales configuration article to ensure proper navigation and accuracy.

• Catalog updates - Removed the variants field from the Update Products (Batch) endpoint to address potential performance concerns.

GraphQL Storefront Updates

• Analytics session IDs - The GraphQL API now supports including a visitor ID when creating a session sync JWT using the generateSessionSyncJwt mutation. See the Persisting analytics session IDs section for details.

• Storefront routes - Added a new section describing the route node with examples illustrating its redirect behavior. Use route in queries to retrieve resource data by URL.

• Persistent cart - Persistent cart functionality is now available for all GraphQL login mutations. See the Signing customers in section for details.

Shipping Updates

• New endpoints - Added Get Shipping Settings per Channel and Update Shipping Settings per Channel endpoints.

• Error responses - Added missing error responses for the Update Shipping Settings endpoint.

• Updated field name - Changed out_of_zone_delivery_message to out_of_delivery_zone_message in the v3/shipping/settings endpoints.

  

Catalog Updates

• New sorting field - The v3/catalog/products endpoint now supports sorting by calculated_price.

• Category tree updates - Clarified how channels are used when updating a category tree.

Pricing Update

• Price rounding - Prices in the Get Prices endpoint response will align with the currency’s decimal precision.

Catalyst Update

• Multi-language Setup guide - Clarified how to modify product URLs and specified the languages available for default translations.

Unified Billing Update

• Testing Unified Billing with your app - Revised this section to improve clarity and accuracy.

Enhancements & Fixes

• Include parameter - Removed the 10-item-per-page limit for the include query parameter for the Get a Product endpoint.

• OAuth Scopes - Clarified that the Get All Shopper Profiles in a Segment endpoint requires Customers modify permission.

• Webhooks Tutorial - Fixed the broken ngrok download link.

• Locales - Fixed inaccuracies in the Query locales supported by the platform example.

Developer Blogs

• Laravel React Sample App - API client update for pagination

• Moore & Giles: Transforming Digital Commerce with a Custom BigCommerce Theme 

  Stay updated on the latest platform enhancements and improvements.

Enhancements & Fixes

• Event handling: Updated the cart and payment account page to replace inline event handlers with event listeners. #2536

• Multiple date field support: Enhanced Cornerstone to support multiple date fields while removing unnecessary blank spaces for a cleaner UI. #2533

• Wallet buttons: Improved logic for showing/hiding available wallet buttons on the product detail page (PDP). #2532

Announcement

• Validation for channel_id in POST/PUT /v2/orders

  The v2 Orders API now validates the channel_id field in both the Create an Order and Update an Order endpoints. Previously, invalid or non-existent channel_id values were accepted without error, potentially leading to data integrity issues. With this update, passing an invalid channel_id will result in a 400 error, ensuring better data hygiene.

API Updates

• Platform Limits - Added platform limits for the Inventory Adjustments and Locations APIs.

• JWT Session-Sync Limits - Added a note regarding the number of invalid session-sync JWT tokens allowed before the system blocks an IP address. See the Headless/GraphQL account login section for details.

Catalog Updates

• Best practices for Channel Assignment endpoint - Added best practices for using the Create Products Channel Assignment endpoint.

• New endpoint - Added the Get All Bulk Pricing Rules endpoint.

• Category trees usage notes & limits - Clarified the Create Categories depth limit and corrected the requirement for upserting category trees.

Checkout Updates

• New fields - Added custom_checkout_sri_hash and custom_order_confirmation_sri_hash to Get and Put Checkout Settings endpoints to allow merchants to provide a SRI hash for their custom checkout.

B2B Updates

• B2B Storefront Auth Token API response - Updated documentation to reflect that the Get a B2B StorefrontToken API returns a token as an array of strings, not a single string.

  

Stencil Updates

• Added handlebar helper - Added getImageSrcset1x2x to the list of available Custom helpers.

Enhancements & Fixes

• Removed an outdated note from the Get Email Templates and Get an Email Templates endpoints.

• Reorganized sections in the Orders Overview to reflect when tracking information becomes available.

• Corrected schema details for store/order/transaction/created.

• Fixed various broken links in the developer documentation.

Stencil

• Handlebars partial blocks for Stencil

  Stencil now supports Handlebars partial blocks, enabling merchants to leverage the latest handlebar features and best practices for enhanced flexibility and performance.

  

Unified Billing

• Unified Billing OAuth Scopes

  We’ve updated the OAuth scopes table to provide an accurate reflection of scope behavior.

Webhooks

• Webhook security update

  We’ve enhanced webhook security with a new verification header that uses the Standard Webhooks protocol. This header replaces previous security methods, such as authentication headers. Each webhook event is signed with the client secret, and you can verify its authenticity using the provided libraries.

Platform Limits

• URL & concurrent limits

  • Added URL character limits to the POST and PUT Product images endpoints.

  • Added concurrent limits to the POST and PUT Segments, and POST Shopper profiles to a segment endpoints.

Enhancements & Fixes

• Added a ttl object to the shipping rates response body.

• Added enum values for the consents array in the POST and PUT endpoints for subscribers v3.

Developer Blog

• Platform Updates: January 2025

  Stay informed with the latest platform updates and improvements.

API

• Cursor Pagination for getCustomers

  Cursor pagination is now available in the Customers V3 API for both the Get All Customers and Get Customer Form Field Values endpoints. This update improves navigation performance and supports many customers or form field values.

GraphQL

• Storefront GraphQL supports bi-directional pagination

  The Storefront GraphQL API fully supports bi-directional pagination, which improves performance when handling large datasets and enhances the overall user experience.

Unified Billing

• SubscriptionsQuery scope filter

  We’ve added a new filter to the SubscriptionQuery, allowing users to filter by scope. This filter reduces the need to manually track a store's subscriptions, helping partners streamline and reduce admin overhead. Note: We also added a new Requirements and limitations section for Partners.

Stencil

• New channelUrl parameter for stencil start

  We've added the channelUrl  parameter to the stencil start command. This parameter allows users to directly configure a BigCommerce domain, bypassing custom domain protections for users with a proxy or DNS settings that block requests from Stencil CLI.

Catalyst

• Localization updates

  We’ve updated the Catalyst Internalization guides to walk you through how to translate content into multiple languages on a single storefront and how to localize your store for multiple countries using multiple storefronts. For an overview, see the Internationalization overview.

Developer Blog

• How Fast Simon Used AI to Improve Francesca’s Search & Filter Implementation

• BigCommerce for Wordpress (BC4WP) Documentation Update

• Breaking Change Announcement: Update to v2 Orders API Side-Loadable Consignment Response August 2025