WooCommerce Engineering Nebudil 7–8 min read

How to Access Guest Order Links in WooCommerce: Complete Guide

Plugins, core shortcodes, pay-without-login snippets, custom endpoints, CheckoutWC, and carrier tracking—without forcing account creation

The problem: guest orders are hard to reopen

Guests get a confirmation email, but commonly struggle to:

  • View full order details later without an account
  • Track shipment from a single obvious place
  • Return to the Thank you screen
  • Complete pending payment when deposits or follow-up charges apply

Hitting URLs like /my-account/view-order/123/ while logged out usually bounces to login or shows an error—by design on many setups.

Solution 1: Guest Order Tracking plugin (easiest)

The free Guest Order Tracking for WooCommerce plugin is the quickest path for many stores.

How it behaves

  • Guest opens an order URL (for example from email)
  • Plugin can send them to a dedicated tracking page
  • Order ID is pre-filled; guest confirms with billing email

Setup

  1. Plugins → Add New → search Guest Order Tracking for WooCommerce → install and activate
  2. Pages → Add New → title e.g. “Track your order” → add shortcode [woocommerce_order_tracking] → publish and copy the URL
  3. WooCommerce → Settings → Guest Order Tracking (label may vary by version) → paste the tracking page URL → save

After configuration, email links can land on tracking with the ID ready; the customer enters email to unlock details.

Solution 2: Native [woocommerce_order_tracking]

WooCommerce ships a built-in tracking form for guests and logged-in users alike.

  1. Create a page (e.g. “Order tracking”)
  2. Insert [woocommerce_order_tracking]
  3. Publish and link it from footer, emails, and confirmation screens

Limitation: Guests must type order ID and billing email—plain email links do not auto-fill both fields unless another layer (Solution 1) handles it.

Solution 3: “Pay for order” without login

Deposit, partial payment, or some subscription-style flows send shoppers to Pay for order. Guests may see blocks such as “Please log in…” or email-verification prompts.

Add to a child theme or small custom plugin (adjust to verify the key in production):

/**
 * Allow guests to pay for order when URL key matches the order.
 */
add_filter( 'user_has_cap', 'allow_guest_order_pay', 9999, 3 );

function allow_guest_order_pay( $allcaps, $caps, $args ) {
    if ( ! isset( $caps[0], $args[2] ) || 'pay_for_order' !== $caps[0] ) {
        return $allcaps;
    }
    if ( empty( $_GET['key'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
        return $allcaps;
    }
    $order_id = absint( $args[2] );
    $order    = wc_get_order( $order_id );
    $key      = isset( $_GET['key'] ) ? wc_clean( wp_unslash( $_GET['key'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended

    if ( $order && hash_equals( $order->get_order_key(), $key ) ) {
        $allcaps['pay_for_order'] = true;
    }
    return $allcaps;
}

/**
 * Optional: relax WC email verification on pay links (only if you accept the trade-off).
 */
add_filter( 'woocommerce_order_email_verification_required', '__return_false', 9999 );

Clear caches after deploy. If checkout still prompts for login, rule out a custom pay template or another plugin re-imposing checks.

Solution 4: Custom direct order view (advanced)

Developers can expose a signed-style URL pattern such as /order-view/999/?key=… so guests see order output without my-account.

Register endpoint and handler

/**
 * URL shape: /order-view/{id}/?key=ORDER_KEY
 */
add_action( 'init', 'add_guest_order_endpoint' );

function add_guest_order_endpoint() {
    add_rewrite_endpoint( 'order-view', EP_ROOT );
}

add_action( 'template_redirect', 'handle_guest_order_view' );

function handle_guest_order_view() {
    global $wp_query;

    if ( ! isset( $wp_query->query_vars['order-view'] ) ) {
        return;
    }

    $order_id  = absint( $wp_query->query_vars['order-view'] );
    $order_key = isset( $_GET['key'] ) ? sanitize_text_field( wp_unslash( $_GET['key'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended

    if ( ! $order_id || ! $order_key ) {
        wp_safe_redirect( home_url( '/' ) );
        exit;
    }

    $order = wc_get_order( $order_id );

    if ( ! $order || ! hash_equals( $order->get_order_key(), $order_key ) ) {
        wp_die( esc_html__( 'Invalid order access.', 'textdomain' ) );
    }

    wc_get_template( 'checkout/thankyou.php', array( 'order' => $order ) );
    exit;
}

After adding rewrite rules: Settings → Permalinks → Save to flush. The thank-you template is a starting point—you may prefer a minimal custom template that omits payment buttons when inappropriate.

add_action( 'woocommerce_email_after_order_table', 'add_guest_order_link', 10, 4 );

function add_guest_order_link( $order, $sent_to_admin, $plain_text, $email ) {
    if ( $sent_to_admin || ! $order instanceof WC_Order ) {
        return;
    }
    $order_id  = $order->get_id();
    $order_key = $order->get_order_key();
    $view_url  = add_query_arg( 'key', $order_key, home_url( "/order-view/{$order_id}/" ) );

    if ( $plain_text ) {
        echo "\n" . esc_html__( 'View your order:', 'textdomain' ) . ' ' . esc_url_raw( $view_url ) . "\n";
        return;
    }
    echo '<p><strong>' . esc_html__( 'View your order:', 'textdomain' ) . '</strong> ';
    echo '<a href="' . esc_url( $view_url ) . '">' . esc_html__( 'Order details', 'textdomain' ) . '</a></p>';
}

Solution 5: CheckoutWC user matching (premium)

If you use CheckoutWC, User matching can attach a guest order to an existing account when the checkout email already exists—so “log in later” surfaces history without blocking guest checkout upfront.

Typical path: CheckoutWC → Pages (or plugin docs) → Login and registration → enable User matching → save.

Solution 6: Third-party shipment tracking

Carrier-centric tracking lives outside WooCommerce auth—good for “where is my package?” without my-account.

Service Guest access pattern Best for
AfterShip Branded tracking page / widget Many carriers, consistent UX
TrackShip Automated tracking links in email Notification-heavy workflows
Shippo Carrier tracking URLs in messages Multi-carrier label stacks
17TRACK Universal lookup page International lanes

Which approach to pick?

Solution Cost Setup Best for
Guest Order Tracking plugin Free ~5 min Fast default: redirect + pre-filled ID
Native shortcode only Free ~5 min Minimal stack; manual ID + email
Pay-for-order snippet Free ~2 min Pending payment / deposit flows
Custom order-view endpoint Free (dev time) ~30+ min Shopify-style status URLs you control
CheckoutWC matching Paid plugin ~10 min Stores already on CheckoutWC
AfterShip / TrackShip tier Paid SaaS (varies) ~20 min High volume, branded tracking

Best practices

  1. Emails: order number, link to tracking (or deep link), support contact, explicit “no account needed” copy.
  2. Discovery: add “Track order” to primary nav, footer, thank-you page, and transactional footers.
  3. Form UX: only order ID + email when possible; drop extra fields that do not reduce fraud.
  4. Post-purchase accounts: optional “Save my details for next time” with incentive beats mandatory registration at checkout.

Troubleshooting

  • Still sent to login: confirm the guest-tracking plugin is active and its tracking page URL is saved; purge caches.
  • Pay page demands login: deploy the capability approach with key verification; clear opcode/page cache.
  • “Invalid order” on track form: billing email must match exactly (Gmail dots/plus addressing included).
  • Custom endpoint 404: flush permalinks (Settings → Permalinks → Save).

Conclusion

Most stores solve guest friction with the free tracking plugin or a prominent shortcode page. Add pay-for-order hardening when money is still due after checkout, and layer carrier tracking for delivery status. Principle: do not force account creation just to see an order—every extra step lifts support load and erodes trust.

Related: checkout shipping troubleshooting when quotes or zones confuse guests after purchase.

Frequently asked questions

Can WooCommerce guests view orders without an account?

Yes, via the [woocommerce_order_tracking] form, a guest-tracking plugin that redirects from email links, or custom URLs that validate the order key.

What shortcode shows order tracking?

[woocommerce_order_tracking] on any page—customers enter order number and billing email.

How do guests pay a pending order?

They need the emailed pay link with pay_for_order=true and a valid key query arg. If WordPress still requires login, use a vetted capability filter that checks hash_equals( $order->get_order_key(), $key ).

Is disabling woocommerce_order_email_verification_required safe?

It reduces friction but weakens a guard rail. Prefer keeping verification on unless the order key is already cryptographically verified in your flow.

Why does my custom order-view URL 404?

Flush rewrite rules from Settings → Permalinks. Ensure the endpoint is registered on init before the flush.

Share

Related posts

Comments

No comments yet. Be the first to reply.

Leave a reply