My account

My Account is the customer’s self-service hub: a place to review order history, manage personal details, and access account features like wishlist, subscriptions, and newsletter preferences. The Storefront API supports both the sign-in journey and the customer data retrieval needed to build these pages.

What you can build

A standard My Account experience usually includes:

  • Profile & contact details: Name, email, phone number.
  • Addresses: Management of billing details.
  • Order history: Review of previous purchases and status.
  • Newsletter & consents: Opt-in management.
  • Customer attributes: Preferences, segmentation, and internal flags.
  • Wishlist: Saved items.
  • Subscriptions: Management of subscription contracts.

Customer types: registered vs non-registered

Centra distinguishes between two customer “types” depending on whether the shopper was logged in when ordering:

  1. Non-registered customer: Created implicitly when orders are placed without a logged-in session.
  2. Registered customer: Created when the customer explicitly signs up (and used when they are logged in).

Note on merging: If a shopper places orders using an email address without logging in, those orders accumulate under a Non-registered customer profile. If they later register with that same email, Centra creates a new Registered customer profile. These two profiles do not automatically merge. Merging must be done manually via Centra’s backend interface.

What this means for order history

When you fetch orders for a logged-in customer, the response reflects only the Registered customer’s orders. Orders previously created under the Non-registered profile will not appear in this history until the profiles are merged in the backend.

Session mode vs logged-in mode

The Storefront API operates in two states relevant to account management:

  • SESSION: The default anonymous state (shopping/browsing).
  • LOGGED_IN: An authenticated state that unlocks customer-specific queries.

Customer sign-in journey

Register a customer

To register a user, use the registerCustomer mutation. While the input object allows for a full scope of data, the only required fields are firstName, lastName, email, and country.

You can also streamline the user experience by:

  • Pre-setting attributes: Passing consents and custom attribute values in the input so the customer is created with preferences already assigned.
  • Auto-login: Setting "loginOnSuccess": true to immediately switch the session to LOGGED_IN upon successful registration.

Log in a customer

Login is performed via the login mutation. The API must be in SESSION mode to execute this.

Market & Pricelist Handling: By default, the active market and pricelist are based on the anonymous session. However, customers may have specific markets assigned to them. To ensure the session updates to match the customer's settings, you must specify this in the loginOptions input.

On success:

  1. The session switches to LOGGED_IN.
  2. The response returns the loggedIn object, containing the customer, updated selection, and session data.

Log out a customer

To log a customer out, use the logout mutation. This clears the LOGGED_IN state and returns the API to SESSION mode.

Retaining the Cart: By default, the selection (cart) may be detached upon logout. To keep the cart active for the anonymous session, ensure the "Retain session after logout" setting is enabled in the Storefront API plugin configuration.

Forgot password reset flow

If a customer forgets their password, use the requestPasswordResetEmail mutation. This triggers an email containing a reset link.

Constructing the Link: The link is generated using the Frontend URL defined in the Storefront API plugin settings, combined with a URI variable you provide in the resetPasswordExternalURL field.

  • Example: If your Frontend URL is https://example.com and you pass hello/world as the mutation variable, the customer receives: https://example.com/hello/world?i=123&id=567.

Password reset

To finalize the process, use the resetPassword mutation. You will need to capture the parameters from the link sent in the email.

  • Required inputs: Customer ID, new password, password confirmation, and the i hash value used for validation.
  • Auto-login: Like registration, you can set "loginOnSuccess": true to log the user in immediately after the reset.
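
The reset landing page has to turn the emailed link into the inputs listed above; the following is an added example (not Centra's own code) that validates the link and builds the variables for resetPassword. It assumes the link's id parameter is the customer ID; the function names and the variable keys password and confirmPassword are hypothetical and must be checked against the Storefront API schema.

```javascript
// Added example with constructed values; key names marked "assumed" are not
// taken from the Storefront API schema and must be verified against it.
const FRONTEND_URL = "https://example.com"; // Frontend URL from the plugin settings
const RESET_PATH = "hello/world";           // value passed as resetPasswordExternalURL

// Extract the `i` hash and the customer `id` from the emailed link.
function parseResetLink(href) {
  const url = new URL(href);
  const expected = new URL(RESET_PATH, FRONTEND_URL + "/");
  if (url.origin !== expected.origin || url.pathname !== expected.pathname) {
    throw new Error("link does not point at the configured reset page");
  }
  // Reject missing or duplicated parameters instead of guessing which one to use.
  const one = (name) => {
    const values = url.searchParams.getAll(name);
    if (values.length !== 1 || values[0] === "") {
      throw new Error(`missing or ambiguous "${name}" parameter`);
    }
    return values[0];
  };
  return { i: one("i"), id: one("id") };
}

// Build the variables for the resetPassword mutation from the link and the form.
function buildResetVariables(href, password, confirmPassword) {
  const { i, id } = parseResetLink(href);
  if (password.length === 0) throw new Error("password is empty");
  if (password !== confirmPassword) throw new Error("passwords do not match");
  return {
    id,                   // customer ID taken from the link
    i,                    // hash value used for validation
    password,             // assumed key name
    confirmPassword,      // assumed key name
    loginOnSuccess: true, // switch the session to LOGGED_IN after the reset
  };
}

// Once the parameters are read, drop them from the address bar so the hash
// does not linger in browser history or leak through the Referer header.
function stripResetParams(href) {
  const url = new URL(href);
  url.searchParams.delete("i");
  url.searchParams.delete("id");
  return url.toString();
}
```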

Subscribe a customer to the newsletter

Users do not need to be logged in to subscribe. You can use the subscribeToNewsletter mutation while in SESSION mode. This mutation supports CAPTCHA protection and accepts additional subscriber info if needed.


Customer data for My Account

The customer query is the backbone

Once the session is in LOGGED_IN mode, the customer query becomes available. This query powers the majority of My Account modules. It is highly modular—you should only request the specific objects needed for the page the user is viewing (e.g., fetching only profile details for the settings page, or only orders for the history page).

  • Profile & address details: Display personal info, shipping, and billing addresses using the general fields within the customer response.
  • Order history: Use the orders object to fetch the logged-in customer’s history. (Recall: This returns data for the Registered profile only).
  • Newsletter & consents: Display current opt-in status.
  • Customer attributes: Display specific preferences, segmentation data, or internal flags stored in the attributes section of the query.
  • Wishlist & Subscriptions: These can be displayed via the wishlist and subscriptionContracts objects within the customer query.

Note: For modification flows (adding/removing items or modifying contracts), refer to the dedicated Wishlist and Subscription implementation guides.