Carts are distinct from orders. A cart captures what a customer intends to purchase. An order is only created after the customer has completed payment (or submitted a quotation request). Until that point, the cart is the active record.
Permissions for cart management
Most cart-related tasks require one of the following permission sets assigned to your Salesforce profile:
| Role | Permissions |
|---|---|
| StoreConnect Administrator | Full access: view, edit, configure, and delete cart records; configure store settings |
| Order Manager or similar role | View and edit cart records |
How carts are created
A cart record is created automatically as soon as any visitor arrives at a StoreConnect webstore — before they add any products. This means many cart records in Salesforce will have no items. This is expected behaviour, not an error.
Each cart has an auto-numbered name in the format Cart-{000000} (for example, Cart-000142). This is assigned automatically and cannot be changed. A cart always belongs to a single store, identified by the Store field on the cart record.
Cart sources
The Source field on the cart record shows how the cart was created.
| Source | Description |
|---|---|
| web | Created by a customer browsing a StoreConnect webstore. |
| pos | Created through the StoreConnect Point of Sale (POS) terminal. |
| api | Created through the StoreConnect API by an external integration. |
| manual | Created directly in Salesforce by an admin or user. |
Important: Only carts with a source of web are eligible for automated abandoned cart processing. POS, API, and manual carts are excluded.
Cart statuses
The Status field tracks where the cart is in the checkout flow.
| Status | Description |
|---|---|
| open | Cart created. Customer can add or remove items. Default status for new carts. |
| customer | Customer has provided contact information (email, name, billing address). |
| shipping | Customer has selected a shipping method. |
| terms_and_conditions | Customer has accepted the terms and conditions. |
| payment | Customer has selected a payment method. Cart is ready for payment. |
| payment_processing | Payment is in progress. Cart can no longer be modified. |
| paid | Payment completed successfully. Cart can no longer be modified. |
| complete | Order fully processed and synced. Cart can no longer be modified. |
| failed | Payment failed. Customer may retry by returning to the payment step. |
| quotation_requested | A quotation has been requested. Cart can no longer be modified. |
The checkout flow
The standard checkout moves a cart through statuses in this sequence:
open → customer → shipping → terms_and_conditions → payment → payment_processing → paid → complete
Two alternate paths exist:
- Payment failure: Status moves to failed. The customer can retry, moving status back to payment.
- Quotation request: Status moves to quotation_requested instead of completing payment.
Status categories
Statuses fall into three categories that affect how the system handles the cart.
Unmodifiable statuses — cart items cannot be changed once these are reached:
- payment_processing
- paid
- complete
- quotation_requested
Abandonable statuses — eligible for the abandoned cart process:
- customer
- shipping
- terms_and_conditions
- payment
- failed
Carts with an open status are not eligible for abandonment because the customer has not yet entered the checkout flow.
Resumable statuses
A cart can be resumed by a returning customer only when all of these conditions are met:
- The browser still holds a valid sc_token cookie.
- The token matches a cart record in the database for the current store.
- The cart's Status is one of: open, customer, shipping, terms_and_conditions, payment, failed, or payment_processing.
- The Abandoned checkbox is not selected in the cart record.
Cart sessions across visits
When a customer visits a StoreConnect webstore, the application generates a unique session token stored in the browser as a signed, HTTP-only cookie named sc_token. The cookie cannot be read or modified by JavaScript.
When the customer returns, the application reads the cookie, finds the matching cart record in Salesforce, and resumes the session from where they left off. The same mechanism applies on desktop, mobile, and tablet devices.
When a session is lost
A session is lost when the sc_token cookie is removed. This can happen when the customer:
- Clears their browser cookies or browsing data
- Closes a private/incognito browsing window
- Uses a browser with aggressive privacy settings
When this happens, a new session token and a new cart record are created. The previous cart record is not deleted — it remains in Salesforce and will eventually be processed by the abandoned cart job.
POS cart sessions
POS carts use a different mechanism to web carts. Cart data is stored in the POS terminal's browser using local storage rather than a cookie. POS carts do not rely on the sc_token cookie and are tied to the specific terminal and operator, not to the customer's browser session.
If a POS terminal's browser data is cleared, any unsynchronised cart data may be lost.