Validation token

catalinbombea · October 17, 2023, 5:34am

Hi,
I do have a question: Assuming that the woocommerce subscription needs to be renewed on yearly basis, no trial period, is the first validation token they received permanent?
My feeling is that the API GetValidationToken (XLSPadlock.PLEvalVar(“ValidationToken”)) will return a different validation token AFTER subscription renewal, because the new token should have a different order ID?
What if, on renewal they change the email address? How is this going to affect the Validation token?
thank you

gdgsupport · October 17, 2023, 4:40pm

The validation token identifies the order’s record of the end user in the WooCommerce database.
When the subscription renews, the parent (initial) order remains the same so the validation token won’t change. If they change their email address, they’ll need to get an updated token too (this means that validation will fail and require a new activation).

catalinbombea · October 18, 2023, 3:40am

Thank you for clarifications.

johnsmith3321 · October 27, 2023, 11:18am

Is the first validation token they received permanent?

No, the first validation token is not permanent. It is associated with the original order ID, so when the subscription renews, a new validation token will be generated with the new order ID.

What if, on renewal they change the email address?

If the customer changes their email address on renewal, the new validation token will be associated with the new email address. The old validation token will no longer be valid.

How does this affect the GetValidationToken API?

The GetValidationToken API will return the validation token associated with the current order ID. So, if the customer has renewed their subscription, the GetValidationToken API will return the new validation token.

Here is an example:

Customer places an order for a yearly subscription on January 1, 2023.
Customer is sent a validation token associated with the order ID.
Customer renews their subscription on December 31, 2023.
Customer changes their email address on renewal.
Customer is sent a new validation token associated with the new order ID and the new email address.
Customer uses the new validation token to access their subscription content.

Recommendation

If you are using the GetValidationToken API to validate customer subscriptions, you should be sure to check the customer’s email address before returning the validation token. This will ensure that you are returning the correct validation token for the customer.