Verify External Password

If you are importing existing customer accounts to Kibo or using two customer systems simultaneously, you need to store an external password hash to migrate existing customer accounts seamlessly into Kibo, without having to require shoppers to create new passwords for the platform. Using the AddAccounts API operation, you can set the externalPassword property to store the password hash for the external customer account. You can then use this action, which runs during authentication, to code a function that verifies that the hashed version of a cleartext password provided by a shopper matches the external password hash for the account.

Action TypeEmbedded
Full Action IDembedded.commerce.customer.accounts.verifyExternalPassword
Runs multiple custom functions?No

JavaScript File Structure

Action files share the following basic structure:

module.exports = function(context, callback) {
   // Your custom code here

When you code the custom function for an action, you have access to two arguments:

callback—This argument follows the established JavaScript callback pattern: it takes an error as the first argument (or null if there is no error) and a result as the second argument (if required).

context—This argument provides the function access to relevant objects and methods that interface with Kibo.

Context: Password

The following methods and objects are available to this action through the use of the context argument.

Microservice Operation
This action corresponds to the microservice that verifies an external password.

Get Methods

Exec Methods

Context Objects Available to All Actions



Returns the cleartext password from an auth-token request.







Returns the external password hash stored on the customer record.








Indicates to the caller that the cleartext password matches the external password value (when hashed using the same mechanism that generated the value stored in externalPassword).

successValueBooleanTrue or false value. A true value prompts the calling service (Customer) to remove the externalPassword value on the customer record, hash the cleartext password, and store the new hashed value in the customer record. A false value results in an authentication failure on the originating auth-token request.



Response: N/A

Context Objects Available to All Actions


Accesses Kibo eCommerce tenant information.

baseUrlstringThe base URL for the site.
basePciUrlstringThe base PCI URL for the site.
tenantPodstringThe name of the tenant pod in which the tenant resides.
appClaimsstringThe application claims token.
appKeystringThe application key.
tenantIdintegerUnique identifier for the tenant.
siteIdintegerUnique identifier for the site. This ID is used at all levels of a store, catalog, and tenant to associate objects to a site.
masterCatalogIdintegerUnique identifier for the master catalog.
catalogIdintegerThe unique identifier for the product catalog. Catalogs are part of a master catalog.
currencyCodestringThe default three-letter ISO currency code for monetary amounts.
previewDatedate/timeThe date and time that the content is being viewed. This might be a future date if the content is previewed with an active date range set in the future.
localeCodestringThe locale code per the country code provided. This code determines the localized content to use and display.
correlationIdstringThe unique identifier of the API request associated with the event action, which might contain multiple actions.
isAuthorizedAsAdminBooleanIndicates whether the Dev Account user is authorized as an admin.
userClaimsstringThe user claims token.




Receives a JSON response that contains information about the configuration data set in the Action Management JSON editor.

VariesobjectCustom fields and values that you can set in the Action Management JSON Editor.