Place order with existing payment methods
Last updated: 19-Mar-2026
Rate this article:
Overview
2Checkout supports 1-click purchases for returning customers who paid for their previous orders with:
- Credit/Debit cards
How does this work?
- Identify returning customers.
- Retrieve the payment method token.
- Collect the CVV from the customer.
- Place a new order using a valid payment method token and CVV.
- 2Checkout charges returning customers using their payment-on-file information.
Requirements
- TransientToken required for the placeOrder method. Can be retrieved from getCustomerInformation.
- This method only woks with Credit/Debit cards.
Parameters
| Parameters | Type/Description |
|---|---|
| sessionID | Required (string) |
| Session identifier, the output of the Login method. Include sessionID into all your requests. 2Checkout throws an exception if the values are incorrect. The sessionID expires in 10 minutes. | |
| Order | Required (Object) |
| Object designed to collect all data necessary for an order, including billing, product/subscription plan and payment details. |
Response
| Parameters | Type/Description |
|---|---|
| Order information | Object |
| Object containing order information. |
Retrieve customer existent payment methods
<?php
declare(strict_types=1);
class Configuration
{
public const MERCHANT_CODE = 'MERCHANT_CODE';
public const MERCHANT_KEY = 'SECRET_KEY';
public const URL = 'https://api.2checkout.com/rpc/6.0';
public const ACTION = 'getCustomerInformation';
public const CUSTOMER_REF = '1111';
public const INCLUDE_PAYMENT_DATA = true;
//array or JSON
public const PAYLOAD = null;
}
class Client
{
private const LOGIN_METHOD = 'login';
private $calls = 1;
private $sessionId;
private function generateAuth(): array
{
$merchantCode = Configuration::MERCHANT_CODE;
$key = Configuration::MERCHANT_KEY;
$date = gmdate('Y-m-d H:i:s');
$string = strlen($merchantCode) . $merchantCode . strlen($date) . $date;
$hash = hash_hmac('md5', $string, $key);
return compact('merchantCode', 'date', 'hash');
}
public function login(string $url)
{
$payload = $this->generateAuth();
$response = $this->call($url, array_values($payload), self::LOGIN_METHOD);
$this->sessionId = $response['result'];
}
public function call(
string $url = Configuration::URL,
$payload = Configuration::PAYLOAD,
string $action = Configuration::ACTION
): ?array {
if (empty($this->sessionId) && $action !== self::LOGIN_METHOD) {
$this->login($url);
}
if(is_string($payload)) {
$payload = json_decode($payload, true);
}
if (!empty($this->sessionId)) {
$payload = [$this->sessionId, Configuration::CUSTOMER_REF, Configuration::CUSTOMER_REF, Configuration::INCLUDE_PAYMENT_DATA, $payload];
}
$payload = array_filter($payload);
$request = json_encode([
'jsonrpc' => '2.0',
'method' => $action,
'params' => $payload,
'id' => $this->calls++,
]);
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_SSLVERSION, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json', 'Cookie: XDEBUG_SESSION=PHPSTORM'));
curl_setopt($curl, CURLOPT_POSTFIELDS, $request);
$response = curl_exec($curl);
if(empty($response)) {
die('Server unavailable');
}
echo $response . '</br>';
return json_decode($response, true);;
}
}
$client = new Client();
$result = $client->call();
var_dump($result);
Response
| Parameters | Type/Description |
|---|---|
| Customer | Object |
Place an order using existing payment data
<?php
require('PATH_TO_AUTH');
$oldOrderExistent = callRPC((Object)$jsonRpcRequest, $host, true);
$Order = new stdClass();
$Order->RefNo = NULL;
$Order->Currency = 'usd';
$Order->Country = 'US';
$Order->Language = 'en';
$Order->CustomerIP = '91.220.121.21';
$Order->ExternalReference = NULL;
$Order->Source = NULL;
$Order->Affiliate = new stdClass();
$Order->Affiliate->AffiliateCode = 'Partner123'
$Order->Affiliate->AffiliateSource = 'MobilePlatform'
$Order->CustomerReference = NULL;
$Order->Items = array();
$Order->Items[0] = new stdClass();
$Order->Items[0]->Code = 'my_subscription_1';
$Order->Items[0]->Quantity = 1;
$Order->Items[0]->PriceOptions = NULL;
$Order->Items[0]->SKU = NULL;
$Order->Items[0]->Price = NULL;
$Order->Items[0]->CrossSell = NULL;
$Order->Items[0]->Trial = false;
$Order->BillingDetails = new stdClass();
$Order->BillingDetails->Email = $oldOrderExistent->BillingDetails->Email;;
$Order->DeliveryDetails = NULL;
$Order->PaymentDetails = new stdClass ();
$Order->PaymentDetails->Type = 'EXISTING_PAYMENT_DATA';
$Order->PaymentDetails->Currency = 'usd';
$Order->PaymentDetails->PaymentMethod = new stdClass ();
$Order->PaymentDetails->CustomerIP = '10.10.10.10';
$Order->PaymentDetails->PaymentMethod->TransientToken= 'oj5iyozmtkvuirzybvmwyhl3bl3nuxa44rkg5r1h';
$Order->PaymentDetails->PaymentMethod->CCID = '123';
$Order->PaymentDetails->PaymentMethod->Vendor3DSReturnURL = "http://www.success.ro";
$Order->PaymentDetails->PaymentMethod->Vendor3DSCancelURL = "http://www.error.ro";
$Order->Promotions = NULL;
$Order->AdditionalFields = NULL;
$Order->LocalTime = NULL;
$Order->GiftDetails = NULL;
$jsonRpcRequest = array (
'method' => 'placeOrder',
'params' => array($sessionID, $Order),
'id' => $i++,
'jsonrpc' => '2.0'
);
var_dump (callRPC((Object)$jsonRpcRequest, $host, true));
Rate this article:
