Thinking about working with a fulfillment center that some of our partners use but they are asking for full access permissions to our shopify.
Initially they said we could turn off permissions to things they don't need going forward but walked that back and said all permissions had to remain permanent.
Some of our partners seem fine with doing this but it seems odd and unsecured to grant full access when they only need permissions for certain things.
Was wondering if others had similar experiences and whether this is just standard procedure?
We work with many Shopify sellers to dropship from China and we also need the full admin access for shopify integration as without the admin authority the ERP system do not have the access to connect with Shopify store to update orders for order fulfillment.
The biggest advantage to integrate with ERP for the order fulfillment is the dropshipping agent could update orders from Shopify, manage the goods info, supplier info, inventory, shipping info to accurately fulfill orders effectively.
This is a trust issue between you and your agent which is very common as lots of sellers worried about the security issues. To solve the issue and move on, you can import the orders manually with CSV format to your agent, but it is only for small orders less than 10 per day and less skus. If you have daily 20 to 30 orders with more than 100 product skus it would be big headache and easily to make mistake on match the client shipping info and product info.
Thank you for your reply!
So, are you saying within shopify's system that access to things such as blog posts, creating gift cards, or discount codes, and the ability to change site navigation is all necessary in order for a third party to pull the information necessary for order fulfillment?
Or is it that maybe not having access to everything can cause technical errors for some reason?
Frankly speaking we only need the access to integrate to update order information for order fulfillment and tracking upload from ERP to Shopify. As for other features, that's beyond dropshipping order fulfillment jobs.
That is what it seems like.
So, it sounds like requiring full access is just to simplify the request for permissions and not based on need?
I'd be curious about this not only with fulfillment but any permission requests including designers or other 3rd party integration.
and again, thanks so much for the info