Customer Portal
Initiate Customer Account API OAuth flow
Initiates the OAuth 2.0 authorization flow for Shopify’s Customer Account API. This endpoint is used when a customer wants to grant the subscription app access to their Shopify customer account data.
Full behavior, validation rules, and side effects
What is Customer Account API?
Shopify’s Customer Account API allows apps to access customer data (orders, addresses, payment methods) on behalf of the customer. This requires customer consent through an OAuth flow.
How it works:
- Customer portal calls this endpoint with a return URL
- Backend generates PKCE challenge and state parameter
- Returns authorization URL to redirect customer to Shopify
- Customer authorizes on Shopify
- Shopify redirects back to callback endpoint with authorization code
- Callback endpoint exchanges code for access token
Important Notes:
- Requires customer to be logged in to the Shopify store
- Only works with stores that have ‘New Customer Accounts’ enabled
- Uses PKCE (Proof Key for Code Exchange) for security
- State parameter prevents CSRF attacks
- Access tokens are stored securely and used for subsequent Customer Account API calls
Authentication: Customer must be logged in via Shopify customer session
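The PKCE and state handling described in the steps and notes above, sketched as an added example that is not code from this app or from Shopify. The endpoint, client ID, callback URL, function names and the `session` dict (standing in for server-side session storage) are assumptions; the query parameter names are the standard ones from RFC 6749 and RFC 7636.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode

# Assumed placeholders: real values come from the store's OAuth configuration.
AUTHORIZE_ENDPOINT = "https://auth.example.invalid/authorize"
CLIENT_ID = "example-client-id"
CALLBACK_URL = "https://app.example.invalid/oauth/callback"

def _b64url(raw: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def pkce_challenge(verifier: str) -> str:
    """S256 code challenge: BASE64URL(SHA256(ASCII(verifier)))."""
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def initiate(session: dict, return_url: str) -> str:
    """Create per-flow secrets, keep them server-side, return the redirect URL."""
    verifier = _b64url(secrets.token_bytes(32))  # 43 chars, inside the 43-128 range
    state = _b64url(secrets.token_bytes(32))
    # Only the challenge and state leave the backend; the verifier never does.
    session["oauth"] = {"state": state, "verifier": verifier, "return_url": return_url}
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": CALLBACK_URL,
        "state": state,
        "code_challenge": pkce_challenge(verifier),
        "code_challenge_method": "S256",
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"

def handle_callback(session: dict, state: str, code: str) -> dict:
    """Check state first, then build the fields for the token request."""
    pending = session.pop("oauth", None)  # single use: a replayed callback finds nothing
    if pending is None or not hmac.compare_digest(
            pending["state"].encode(), state.encode()):
        raise PermissionError("state mismatch: discard the authorization code")
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": CALLBACK_URL,
        "client_id": CLIENT_ID,
        "code_verifier": pending["verifier"],  # proves this backend started the flow
    }
```

The POST to the token endpoint is left out; `handle_callback` returns the form fields that request would carry once the state check passes.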
POST
Body
application/json
OAuth initiation request with return URL
Response
OAuth flow initiated successfully