As of API version 2025-10, apps with read_customer_payment_methods scope can query the new mandate connection on the CustomerPaymentMethod object.
This connection returns what each payment method is authorized for (orders, subscriptions, checkout, etc.) via the resourceType field and the resourceId when applicable.