What are the Different Ways to Access Restricted Data from Shopify Using Pipedream?

This topic was automatically generated from Slack. You can find the original thread here.

Hi Pipedream community - One of things I’m doing with Pipedream is creating some daily analytics and gathering details for reporting from Shopify. Some of these details involve getting customer name and email, which I understand has been under tighter control from Shopify and thus limiting access to this data. When I’ve had time over the past few weeks I’ve tried to work through this.

Here on Pipedream, if I understand things, there are two ways to connect to Shopify. The first is Shopify account, the second is a Shopify Partner Account. But I think there is a third way, one that perhaps works better for workflows that want to access the more restricted data of a store you own/run.

  1. Shopify Account connection via Pipedream. When you connect using the standard Pipedream/Shopify integration, there is a Pipedream app that is added to your store. You get warnings that this app is unsupported (or something like that). This app works fine, but you can’t get customer details.
  2. Shopify Partner Account - Pipedream has some instructions and an ability to connect to a Shopify Partner account. I started this, but honestly didn’t finish this as I figured there had to be an easier route.
  3. What I’ve done, is in my Shopify store, in the APPs and Sales Channels, you can create your own “app” that you can then use the key in Pipedream. What follows is roughly the steps I did.
    When in your Shopify Admin, click Apps on the left menu. Your search box likely opens, at the bottom select “Apps and sales channel settings”.

Then in this settings screen, you can select “Develop apps” on the upper right.

Next select “Create an app”. Give your app a name, “My Pipedream Integration” or anything you want.

Next you need to configure the scopes of access. Click “Configure Admin API Scopes”. You will now be presented with a long list of things that the “app” can access. Choose wisely here. Only select the things that you really need access to. Of course you can change this later if you find you need to add something. In my case, there is restricted/PII data that I needed to expose for reporting, so for instance I was able to select “read_orders” under orders, which includes customer details. I wasn’t able to get full details with the standard Pipedream Shopify connection, understandably.

Once you have the items select that you want your app (really an API call) to have access to, hit save in the upper right. Then click “Install App”. Select install in the dialog.

You are now on the API Credentials screen for your “app”. The Admin API Access Token is what you need to work with in Pipedream. This unit of information is only visible once, so save it somewhere securely. This token grants access to all the details you previously allowed in the Admin API Scopes. Also on this screen is API Key and Secret Key, but I don’t believe you will need these. Finally, take note you uninstall your app and then delete, if you need to revoke access. Or if you loose your token, uninstall and reinstall, to generate a new token.

With your Admin API Access Token, over in Pipedream, you can now use a code block to access the details you want. I use Python. I stored the ADMIN API Access Token as an Environment Variable, because the Pipedream Shopify or Shopify Partner Connection aren’t designed for this connection info. At the top of my python code I have something like this, fill in your shop name and have your environment variable created in Pipedream.

# Shopify details
SHOPIFY_API_ENDPOINT = f'https://{insert your store name}.[myshopify.com/admin/api/{SHOPIFY_API_VERSION}/graphql.json](http://myshopify.com/admin/api/{SHOPIFY_API_VERSION}/graphql.json)'

I’m using requests, so be sure to import that. Then you can construction your header, and api or graphql query.

    headers = {
        'Content-Type': 'application/json',
        'X-Shopify-Access-Token': SHOPIFY_ACCESS_TOKEN

    data = {
        "query": f'''{{
            shop {{
etc, etc, etc.


Then you can issue a request, and get a response and process it.

    print("Sending API request...")
    r = [requests.post](http://requests.post)(SHOPIFY_API_ENDPOINT, headers=headers, json=data)
    print("API request completed.")
    response_json = r.json()
    print("Response received:", response_json)

You will likely need to loop over any returned data.

So the point of all this is to show there is a third connection option to Shopify, something beyond the two built Pipedream connections. This third option is fairly straight forward to set up in your own store, and allows you access to specific data that you can’t get in the standard Shopify Pipedream connector. You may be able to get it through the Shopify Partner connection, but honestly, I don’t think the complexity of Shopify Partner Connection is warranted. Take care to use environment variables to store your ADMIN API Access Token, so you don’t expose it in your code.

Hi Tim, thanks for sharing.

We’ve been discussing the challenges of the Shopify Protected Customer Data changes, and we’re in the middle of applying to Shopify to hopefully gain their approval with the official Shopify Pipedream app.

Your approach is definitely a way to go around this limitation by creating a custom Shopify app and manually providing the credentials to your workflows via environment variables.

But I wanted to quickly clear up the confusion between Shopify & Shopify Partner integrations in Pipedream.

• The Shopify integration communicates with the Shopify Admin API: Shopify Admin API
• The Shopify Partner integration communicates with the Shopify Partner API: Partner API reference
These are two different APIs, they do not overlap.

The Shopify Admin API is used with a merchant account to interact with customers, orders, fulfillents, inventory, etc.

Whereas the Shopify Partner API is for interacting with a Shopify Partner’s apps, referrals, transactions from app billing. It does not have access to customer data.

Hope this helps.

Thank you for clarifying the distinction there. This makes sense with my experience and what you wrote here. I was a bit cloudy, as I felt like I was being directed to Shopify Partner to get the customer ability, but I wasn’t seeing the connection.

So, great clarity brought here and hopefully documentation for how a user can create their own ‘app’.