# Continuous cart authentication — Shopify developer changelog
---
## Continuous cart authentication

We’ve recently rolled out a change that enables continuous authentication when a customerAccessToken is appended to the cart in the buyerIdentity object. The obtained checkoutUrl allows authenticated customers to navigate to a logged-in checkout experience. Note that for security reasons, the checkoutUrl should be requested when the customer is ready to navigate to checkout, which can be re-requested if needed.

To log in customers automatically at checkout, please [append the customerAccessToken](https://shopify.dev/docs/storefronts/headless/building-with-the-storefront-api/cart/manage#step-6-authenticate-customer-for-logged-in-checkouts) into the Buyer Identity object of the Storefront API Cart and [include the buyer IP address](https://shopify.dev/docs/api/usage/authentication#making-server-side-requests) when making server side requests.

For developers building mobile apps with the Checkout Sheet Kit, see this [detailed guide](https://shopify.dev/docs/storefronts/headless/mobile-apps/checkout-sheet-kit/authenticate-checkouts) to create authenticated checkout experiences for buyers within mobile apps. Previously, opening an authenticated checkout was only possible using multipass limited to Shopify Plus plans and legacy customer accounts. Now, authenticated checkouts are possible for merchants on all plans and customer account versions.

*Published: January 16, 2025*
Tags: API, Update
Link: https://shopify.dev/changelog/continuous-cart-authentication

---