Shopify

Overview

Use Shopify credentials to make authenticated API calls through Alter Vault without exposing API keys in code.

Property	Value
Provider ID	shopify
Category	E-Commerce
Credential Type	API Key

Step 1: Get Credentials

Open the Shopify Dev Dashboard

Open the Shopify Dev Dashboard and select (or create) the organization that owns the store.

Create a custom app

Click ‘Create app’, choose ‘Custom app’, name it, and confirm the destination store.

Configure scopes and install

Open the app, go to Configuration → Admin API access scopes, select the scopes the integration needs, then install the app on the store.

Copy the Admin API access token

Copy the Admin API access token (starts with shpat_) — it is only shown once at install time.

Enter your store subdomain

Enter the store subdomain (e.g. ‘your-store’ from your-store.myshopify.com) in the Store Subdomain field.

Note

Since January 1, 2026, new custom apps can no longer be created from the Shopify admin’s Settings → Apps → Develop apps page — new custom apps must be created in the Dev Dashboard. Custom apps created in the admin before that date keep working and remain manageable from Settings → Apps → Develop apps.

Warning

Never share credentials publicly. Store them securely and only enter them in the Alter Vault Developer Portal.

Step 2: Add to Alter Vault

Open the Developer Portal

Go to portal.alterauth.com and navigate to the application.

Add Shopify

Go to Managed Secrets > Add Provider > Shopify.

Enter credentials

Paste your Admin API Access Token into the API Key field, and enter your store subdomain (e.g. your-store) in the Store Subdomain field.

Save

Click Save. You’ll receive a grant_id to use with the SDK.

Using in Code

response = await alter_app.request(
    HttpMethod.GET,
    "https://your-store.myshopify.com/admin/api/YOUR_API_VERSION/products.json",
    grant_id="YOUR_GRANT_ID",
)