> For the complete documentation index, see [llms.txt](https://developer.esw.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://developer.esw.com/light-touch-integration/features/checkout/stored-cards-in-checkout.md).

# Stored Cards in Checkout

ESW can let logged-in shoppers use previously stored cards during checkout. This makes repeat purchases faster and reduces payment friction.

This feature depends on the shopper being recognized securely during the checkout flow.

### Supported LTI platforms

<table data-view="cards"><thead><tr><th>Platform</th><th>Description</th></tr></thead><tbody><tr><td>BigCommerce</td><td>Supports stored cards through the standard LTI integration path.</td></tr><tr><td>WooCommerce</td><td>Supports stored cards through the standard LTI integration path.</td></tr><tr><td>Commerce Tools</td><td>Supports stored cards through the standard LTI integration path.</td></tr><tr><td>Callback API</td><td>Supports stored cards through the custom LTI integration path.</td></tr></tbody></table>

### How it works

{% stepper %}
{% step %}

#### Send the required checkout data

LTI sends the required data in the PreOrder so checkout can determine whether stored cards are available for the shopper.
{% endstep %}

{% step %}

#### Pass the encrypted shopper ID

The encrypted `customerID` for the logged-in shopper is passed to ESW checkout through the PreOrder flow.
{% endstep %}

{% step %}

#### Return a shopper access token

The PreOrder response returns a `shopperAccessToken`. That token is written to cookies before the shopper is redirected to ESW Checkout.
{% endstep %}

{% step %}

#### Load stored payment methods

The Checkout UI reads that token and uses it to query the shopper’s saved payment methods. If stored cards exist, checkout can offer them as payment options.
{% endstep %}
{% endstepper %}

When this feature is enabled, logged-in shoppers can move through checkout faster by using stored cards.

### Security measures

#### Retailer-side security

The retailer controls the encryption or hashing approach and manages the related keys. ESW does not need the retailer’s private key to validate the shopper identity.

The secure retailer flow works as follows:

{% stepper %}
{% step %}

#### Encrypt the shopper ID

After the shopper signs in, add the encrypted or hashed user ID to browser cookies.
{% endstep %}

{% step %}

#### Send the encrypted value to GetCart

LTI uses that encrypted value when calling the `GetCart` endpoint.
{% endstep %}

{% step %}

#### Validate and decrypt in the platform

The retailer validates the encrypted user ID and returns the decrypted original user ID in the `GetCart` response.
{% endstep %}

{% step %}

#### Generate the PreOrder

LTI uses the decrypted user ID to generate the PreOrder.
{% endstep %}
{% endstepper %}

#### ESW-side security

ESW uses a short-lived token to retrieve stored cards securely during checkout.

{% hint style="info" %}

* When LTI generates an ESW PreOrder with a registered user ID, ESW can generate a unique `shopperAccessToken`.
* That `shopperAccessToken` is added to browser cookies and is valid only for a limited time.
* When the shopper reaches ESW checkout, ESW reads the `shopperAccessToken` from the browser cookies on the retailer’s top-level domain.
* ESW then uses that token to retrieve the shopper’s stored cards and present them as payment options.
  {% endhint %}


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://developer.esw.com/light-touch-integration/features/checkout/stored-cards-in-checkout.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
