Skip to main content

Single Sign On in cart

Single Sign On in cart

Last updated: 13-Oct-2021
Rate this article:


Use the getSingleSignOnInCart method.  Avangate attaches a unique token to links, designed to identify the returning shoppers and support the automatic extraction of payment data and billing information from the Avangate system. For example, you can generate single sign on in cart links for existing customers logged into your website based on their external or Avangate customer IDs.

How does this work?

When accessing the shopping cart using tokenized payment links:

  • Avangate prefills automatically customer billing and delivery details associated with their Avangate customer accounts (linked based on their unique customer IDs).
  • Avangate presents shoppers with an optimized payment area featuring the credit / debit cards used to make previous purchases / transactions in the Avangate system. Customers have the option of selecting one of the payment methods depending on available card-on-file data.


Parameters Type/Description


Required (string)


Session identifier, the output of the Login method. Include sessionID into all your requests. Avangate throws an exception if the values are incorrect.  The sessionID expires in 10 minutes.


Required (string)


Unique customer identifiers. Can be either the ExternalCustomerReference you control or the system-generated AvangateCustomerReference.


Required (string)


Possible values:

  • ExternalCustomerReference
  • AvangateCustomerReference


Required (string)


The shopping cart URL. Avangate redirects shoppers to this URL.


Possible values:


Any buy link you generate from the cPanel or using the API. Note: For the time being, payment tokenization does not support Express Payments Checkout or the Avangate mobile shopping cart.


Optional (int)


The time, in seconds, before the single sign-on URL expires. By default, the URL expires after 10 seconds. (optional)


Optional (string)


The IP address of the shopper, necessary for security purposes. Can be an empty string or a valid IP, or null.


Parameters Type/Description

Single sign-on URL



The generated string is the tokenized time-limited single sign-on URL pointing to Avangate shopping cart.


Note: Each SSO link cleans any previous cart sessions. Shoppers using multiple SSO links would purchase only a single product at a time.


If shoppers add multiple products to cart via SSO buy links and then use a non-SSO link, they’ll purchase all items using the same order.

When you use single sign on in cart for customers without card on files in the Avangate system, the generated tokenized link prefills the billing information but the purchase process requires that shoppers provide payment information, such as a credit or debit card.



Important! You can use the value of the logintoken to retrieve customer information by SSO token.




require ('PATH_TO_AUTH');

$idCustomer = '352365983';
$customerType = 'AvangateCustomerReference';
$url = '';
$validityTime = 50;
$validationIp = null;

$jsonRpcRequest = array (
'method' => 'getSingleSignOnInCart',
'params' => array($sessionID, $idCustomer, $customerType, $url, $validityTime, $validationIp),
'id' => $i++,
'jsonrpc' => '2.0');

var_dump (callRPC((Object)$jsonRpcRequest, $host, true));
Rate this article:
Logo of Verifone