Skip to main content

Single Sign On by customer reference

Single Sign On by customer reference

Last updated: 13-Oct-2021
Rate this article:


Use the getSingleSignOnByCustomer method to create Single Sign-On links into 2Checkout myAccount based on customer references (IDs). Use either the 2Checkout Customer Reference or the External Customer Reference to identify specific customers.





Required (string)


Session identifier, the output of the Login method. Include sessionID into all your requests. 2Checkout throws an exception if the values are incorrect.  The sessionID expires in 10 minutes.


Required (string)


Unique customer identifiers. Can be either the ExternalCustomerReference you control or the system-generated 2CheckoutCustomerReference.


Required (string)


Possible values:

  • ExternalCustomerReference
  • 2CheckoutCustomerReference


Optional (string)


The specific myAccount page where you redirect the customer.

Possible values:

my_subscription - redirect shoppers to the subscription's page of myAccount based on the SubscriptionReference you provide.

my_products - redirects shoppers to the myAccount page designed to list all products purchased from 2Checkout.

user_data - redirects shoppers to the Personal Information page in myAccount

order_lookup - redirects shoppers to the Order Lookup area of myAccount:

faq - redirects shoppers to the Support page of myAccount


payment_methods – redirect shoppers to the Payment Methods area of myAccount:

Do not include PAGE in the URL to redirect shoppers to myAccount homepage



Optional (string)


Needed for 'my_subscription'

Request[]=code=123D40F123 redirects customers to the page for the subscription with the 123D40F123 SubscriptionReference value.



Optional (int)


The time, in seconds, before the single sign-on URL expires. By default, the URL expires after 10 seconds. (optional)


Optional (string)


The IP address of the shopper, necessary for security purposes. Can be an empty string or a valid IP, or null.

LanguageCode Optional (string)
  ISO 639-1 two-letter code.


Parameter Type/Description

Single sign-on URL



The string generated is the complete single sign-on URL pointing to 2Checkout myAccount, containing the unique URL. Shoppers using it log into their 2Checkout myAccount automatically.


function callRPC($Request, $hostUrl, $Debug = true) {
    $curl = curl_init($hostUrl);
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($curl, CURLOPT_SSLVERSION, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json'));
    $RequestString = json_encode($Request);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $RequestString);
    if ($Debug) {
    $ResponseString = curl_exec($curl);
    if ($Debug) {
    if (!empty($ResponseString)) {
        $Response = json_decode($ResponseString);
        if (isset($Response->result)) {
            return $Response->result;
        if (!is_null($Response->error)) {
            var_dump($Request->method, $Response->error);
    } else {
        return null;
$host = '';
$merchantCode = "YOUR_MERCHANT_CODE";// your account's merchant code available in the 'System settings' area of the cPanel:
$key = "YOUR_SECRET_KEY";// your account's secret key available in the 'System settings' area of the cPanel:
$string = strlen($merchantCode) . $merchantCode . strlen(gmdate('Y-m-d H:i:s')) . gmdate('Y-m-d H:i:s');
$hash = hash_hmac('md5', $string, $key);
$i = 1; // counter for api calls
// call login
$jsonRpcRequest = new stdClass();
$jsonRpcRequest->jsonrpc = '2.0';
$jsonRpcRequest->method = 'login';
$jsonRpcRequest->params = array($merchantCode, gmdate('Y-m-d H:i:s'), $hash);
$jsonRpcRequest->id = $i++;
$sessionID = callRPC($jsonRpcRequest, $host);
$IdCustomer = '352365983';
$CustomerType = '2CheckoutCustomerReference';
$Page = 'my_license';
$Request = null;
$ValidityTime = 50;
$ValidationIp = null;

$jsonRpcRequest = array (
'method' => 'getSingleSignOnByCustomer',
'params' => array($sessionID, $IdCustomer, $CustomerType, $Page, $Request, $ValidityTime, $ValidationIp),
'id' => $i++,
'jsonrpc' => '2.0');

var_dump (callRPC((Object)$jsonRpcRequest, $host, true));
Rate this article:

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Verifone logo