Should StoreFront Access Tokens be used only by the Shopify Application Server?

Excursionist
38 3 2

The 100 StoreFront access token limit (https://help.shopify.com/en/api/reference/access/storefrontaccesstoken) makes me believe these tokens should not and can not be given to 1,000s of clients visiting the storefront.

 

The alternative, then, is to have the Shopify application's server request a storefront token, save it somewhere, and use it to gather info for client requests.

 

Is this the correct path that Shopify intends? If not, how should these storefront access tokens be given to 1000s of clients when there is a hard limit of 100? I guess the server can give them all the same token?

0 Likes
Shopify Staff
Shopify Staff
223 28 28

Hi @seandz 


What are you utilizing the Storefront Token for? If you can provide more detail I can let you know how to best move forward. If you are creating lets say a mobile app, you simply need 1 storefront access token to make your requests. It is not for clients visiting the app, but for clients that need to access the unautheticated Storefront API. 

Vix | Developer Support @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Click Accept as Solution 


0 Likes
Highlighted
Excursionist
38 3 2

Hi @vix , this is for a web app. I plan to use the Script Tag Api to offer an option for people to trade in their item and have the merchant buy it back. The StoreFront API is needed to see which product is on the page being viewed and offer the right trade in price (set in the admin area).

0 Likes