Generate API credentials
- From your Shopify admin, go to Apps.
- Click Manage private apps, near the bottom of the page.
- Click Create new private app.
- In the App details section, enter a name for the private app and a contact email address. Shopify uses this email address to contact the developer if there is an issue with the private app, such as when an API change might break it.
- In the Admin API section, select the areas of your store that you want the app to be able to access.
- Optional: To use the Storefront API, select Allow this app to access your storefront data using the Storefront API, and then select which types of data you want to expose to the app.
- Click Save.
Make authenticated requests
Private apps can authenticate through basic HTTP authentication by using their Admin API key and password as a username and password.
Some HTTP clients support basic authentication by prepending username:password@ to the hostname in the URL. For example:Copy
https://{username}:{password}@{shop}.myshopify.com/admin/api/2022-01/{resource}.json{username}: The API key that you generated.{password}: The API password that you generated.{shop}: The name of your development store.{api-version}— The supported API version that you want to use.{resource}– A resource endpoint from the REST Admin API.
A URL with real values looks like this:Copy
https://38b3692b6b48a9712b8d909c46e6208d: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@example.myshopify.com/admin/api/2021-07/products.jsonIf your HTTP client doesn’t support basic authentication using this method, then you can provide the credentials in the Authorization header field instead:
- Join the API key and password with a single colon (
:). - Encode the resulting string in base64 representation.
- Prepend the base64-encoded string with
Basicand a space
Authorization: Basic NDQ3OGViN2FjMTM4YTEzNjg1MmJhYmQ4NjE5NTZjMTk6M2U1YTZlZGVjNzFlYWIwMzk0MjJjNjQ0NGQwMjY1OWQ=