Shopify changed the “API key” flow
If you used the old “custom app development” option inside Shopify settings, you’ve probably noticed the flow has changed. In 2026, Shopify pushes app creation through the Shopify Dev Dashboard.
You still end up with the same three things you need for automation:
client_idclient_secretaccess_tokenThis guide shows the exact steps to get that token and use it in n8n.
What you need before you start
Step 1 — Create an app in the Shopify Dev Dashboard
1. Open your Shopify store admin.
2. Click the **Dev dashboard** link (top right).
3. Click **Create an app** and give it a name (for example: “n8n automation”).
Step 2 — Choose the Admin API scopes
In the app settings, add only the scopes you need. Examples for common n8n automations:
read_productswrite_productsread_orderswrite_fulfillmentsStep 3 — Release and install the app
After installation you’ll see a **Client ID** and **Client secret** in the app settings.
Step 4 — Copy your {shop}.myshopify.com domain
In Shopify go to **Settings → Domains** and copy your {shop}.myshopify.com domain.
You’ll use that in the token request URL.
Step 5 — Request the Admin API access token
Option A: Postman
1. Create a new request and set the method to **POST**.
2. URL:
https://{shop}.myshopify.com/admin/oauth/access_token
3. Body → **x-www-form-urlencoded**:
grant_type = client_credentialsclient_id = your Client IDclient_secret = your Client secret4. Click **Send**.
You’ll get a JSON response with access_token, scope, and expires_in (usually 86400 seconds = 24 hours).
Option B: curl
curl -X POST "https://{shop}.myshopify.com/admin/oauth/access_token" \
-H "Content-Type: application/x-www-form-urlencoded" \
--data "grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET"Step 6 — Use the token in n8n
Shopify node
If you use the Shopify node in n8n, paste the access_token into the credential field and set the shop domain.
HTTP Request node (quick test)
Make any Admin API request and add this header:
X-Shopify-Access-Token: A simple test endpoint that returns your granted scopes:
curl -X GET "https://{shop}.myshopify.com/admin/oauth/access_scopes.json" \
-H "X-Shopify-Access-Token: YOUR_ACCESS_TOKEN"Token expiry (important)
This token is short-lived. When expires_in is 86400, it expires after 24 hours.
Troubleshooting
client_id or client_secret{shop}.myshopify.com domainSecurity notes
client_secret like a password.Read more
Google Discover optimization in 2026 (practical playbook)
Google Discover is not traditional SEO. Nobody types a query. People scroll. Google predicts what they’ll care about next. That changes everything: ...
Search engine marketing: what it is and how to use it (SEO + SEA)
Search engine marketing (SEM) combines SEO and SEA. The goal is simple: be visible when people search, and convert that demand into revenue. SEM is p...
Ahrefs Keywords Explorer: complete guide (research + planning)
Ahrefs Keywords Explorer is a decision tool: what to build, what to skip, and what it will take to win. Key related workflows: - [Traffic Potential ...
Albin Hot
Albin Hot is Senior SEO Specialist bij Niblah, een toonaangevend marketing platform voor zoekmachines, AI en meer. Hij werkt al meer dan 5 jaar in SEO en specialiseert zich in omzetgedreven strategieën in nauwe samenwerking met multidisciplinaire teams.
Connect op LinkedIn