A private Shopify application can interact with the Shopify API on behalf of a single store. To authenticate with Shopify using a private application, you'll need to generate the credentials from the Shopify admin and provide these credentials in your request to Shopify.
Generate credentials from the Shopify admin
Before you can authenticate a private application to Shopify, you need to generate the required credentials from Shopify admin of the store that you want to connect with your application. If you don't have a Shopify store, then you can log in to your Partner dashboard and click Development stores to provision a test store.
To generate the required credentials:
From your Shopify admin, click Apps (or press
Click View private apps.
Click Generate API credentials.
In the Description section, enter a Private app name, and then click Save. The API key and password for your application are now displayed on screen.
Treat the API key and password like you would any other password, since whoever has access to these credentials has full API access to the store.
After you have the required credentials, you can perform authenticated requests.
Perform authenticated requests
Private applications authenticate with Shopify through basic HTTP authorization, where the API key of the application is the username, and the Password is the password. You can generate these credentials from the Shopify admin of the store that you want to connect with your application.
Some HTTP clients support basic authentication by prepending
username:password@ to the hostname in the URL. For example:
If your HTTP client doesn't support basic authentication using this method, then you can provide the credentials in the
Authorization header field instead:
Join the API key and password with a single colon (
Encode the resulting string in base64 representation.
Prepend the base64-encoded string with
Basicand a space:
Authorization: Basic NDQ3OGViN2FjMTM4YTEzNjg1MmJhYmQ4NjE5NTZjMTk6M2U1YTZlZGVjNzFlYWIwMzk0MjJjNjQ0NGQwMjY1OWQ=