Connecting to Shopify

In all cases, you must set ShopUrl to the full URL of your Shopify shop ( The rest of this document assumes that you have done so.

Access Token

Create a Custom App

Before authenticating, you need to create a custom application via your Shopify admin page. Follow the steps below to register an application and obtain the access token:

  1. Log in to your Shopify from the admin page and navigate to Apps > Apps and sales channels.

  2. Click Develop apps and select Create an app.

  3. In the Overview tab, click Configure Admin API scopes and select the access permissions for your store that you want to grant to your application. The permissions required by our provider to use all the tables and views are:

    • read_assigned_fulfillment_orders, write_assigned_fulfillment_orders

    • read_content, write_content

    • read_customers, write_customers

    • read_draft_orders, write_draft_orders

    • read_fulfillments, write_fulfillments

    • read_gift_cards, write_gift_cards

    • read_inventory, write_inventory

    • read_marketing_events, write_marketing_events

    • read_orders, write_orders

    • read_price_rules, write_price_rules

    • read_product_listings, write_product_listings

    • read_products, write_products

    • read_reports, write_reports

    • read_script_tags, write_script_tags

    • read_shopify_payments_payouts

    • read_themes, write_themes

  4. Click Save.

  5. Select API Credentials.

  6. Under "Access tokens" click Install app. This creates your access token.

  7. Copy your access token under Admin API Access token. NOTE: The token can be revealed and copied only once.

Access Token

To authenticate using an access token, specify the following:

  • AuthScheme: Set to AccessToken.

  • AccessToken: Set to the access token value you copied from the custom app.


To connect using OAuth, you must create a public or custom application in the Shopify Partner Dashboard. During this process, API key and API secret key values are generated. You need these keys when you connect using a custom application.

Note: You must set AuthScheme to OAuth. All the sections below assume that you have done so. Otherwise, you cannot connect.

Create a Public or Custom App

Follow the procedure below to register a Public or Custom app and obtain the client credentials, such as the OAuthClientId and OAuthClientSecret:

  1. Log in to Shopify with the developer login portal.

  2. Select Apps > Create app > Create app manually, enter a name for the app and click Create.

  3. Note the displayed API key and API secret key on the Overview page.

  4. Navigate to the App setup page.

    • Note: You can request access for additional permissions for your app on this page which might be required for retrieving data from certain tables or views from a store.

  5. Provide an App URL, and a redirection URL under Allowed redirection URL(s), and click Save.

    • For Desktop, you can set the redirection URL to a local host, for example http://localhost:3333, the provider's default.

    • For Web Authentication, select a different port of your choice and set the CallbackURL to the exact reply URL you defined.

  6. Navigate to the Distribution page.

    • You can choose to either publish your app on the Shopify App Store as a public app or generate an install link exclusive to one store.

  7. After configuring a distribution method, you can use the API key and API secret key credentials to access your store's data.

After setting the following, you are ready to connect:

  • InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.

  • OAuthClientId: Set this to the app's API key value.

  • OAuthClientSecret: Set this to the app's API secret key value.

  • CallbackURL: Set this to the redirect URI defined when you registered your app.

When you connect, the provider opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the OAuth process by saving OAuth values in OAuthSettingsLocation that persists across connections and obtaining a new access token when the old one expires.

Last updated