Admin API key for personal use – DevTools not showing it as documentation says

Shopify Apps
1

Hi everyone,

I’m trying to get an Admin API key for personal use to send blog posts directly to my Shopify store.

According to the Shopify documentation, the Admin API key should be visible during app creation or in DevTools. However, in my experience (and as far as I can tell), we never actually see the Admin API key. All that’s available is:

  • API secret key

  • Access token

I just want to confirm:

  1. Is it correct that Shopify no longer shows the Admin API key at all, and we should rely solely on the access token for authentication?

  2. If that’s the case, can someone clarify the proper method for using it to publish blog posts programmatically?

It seems like the documentation might be outdated, and I want to make sure I’m following the supported approach.

Thanks for any clarification! :folded_hands:

2

FYI, answering this on the go, so excuse my formatting!

You’re right, the documentation can be a bit confusing there. For custom apps, what you’re seeing as the “Access token” is indeed the credential you need. Shopify doesn’t expose a separate “Admin API key” in the way you might expect from older docs or other platforms. The “API key” you see in the app settings is essentially the Client ID if you were doing an OAuth flow, but for direct server-to-server calls with a custom app, the permanent access token is what authenticates your requests.

To publish blog posts programmatically, you’ll use that access token in the X-Shopify-Access-Token header for all your API requests. The endpoint for creating blog posts looks something like POST https://{your-store-name}.myshopify.com/admin/api/{api-version}/blog_posts.json. You’ll need to include the necessary JSON payload in the request body, specifying the title, body_html, and blog_id (you’ll need to fetch the blog_id for your target blog first, e.g., using GET /admin/api/{api-version}/blogs.json).

If you need any help getting this implemented, feel free to shoot me a DM and I can help you get this setup for free once I’m back on my PC.

Hope that helps!

3

i try what you say but same problime

import requests

SHOP_NAME = “***” # without .myshopify.com

API_VERSION = “2024-01”

ACCESS_TOKEN = “shpss_****” this key that i get after made app in https://dev.shopify.com/ and this is the only api that you can generate in the whole store !!

url = f"https://{SHOP_NAME}.myshopify.com/admin/api/{API_VERSION}/blogs.json"

headers = {

"X-Shopify-Access-Token": ACCESS_TOKEN,

"Content-Type": "application/json"

}

response = requests.get(url, headers=headers)

if response.status_code == 200:

blogs = response.json().get("blogs", \[\])

for blog in blogs:

    print(*f*"Blog Name: {blog\['title'\]} | Blog ID: {blog\['id'\]}")

else:

print("Error:", response.status_code, response.text)

reponse is : Error: 401 {“errors”:“[API] Invalid API key or access token (unrecognized login or wrong password)”}

4

I must have created and installed 100 apps in the last 2 days trying to get to the API key to show. Nothing its driving me crazy. All i’m getting is the key that starts with shpss… not getting shpat… anywhere.

5

Same problem here. I am trying to link up Zoho Flow, and it is asking for the Admin API Access Token. I can create the app by clicking “Devlop app” and going through the app setup in the dev dashboard. I can even “release” and ‘install’ my private app and see it listed in my admin panel. But nowhere is the Admin key to be found, and the docs are apparently out of date.

7

Getting Shopify Access Token via Postman (Client Credentials Flow):

  1. Create and install app in Shopify Admin (Settings → Apps and sales channels → Develop apps)

    • Configure required API scopes

    • Install the app in your store

    • Get Client ID and Client Secret from API credentials

  2. Postman request:

   POST https://yourshopname.myshopify.com/admin/oauth/access_token
   Content-Type: application/x-www-form-urlencoded
   
   Body (x-www-form-urlencoded):
   grant_type: client_credentials
   client_id: YOUR_CLIENT_ID
   client_secret: YOUR_CLIENT_SECRET
  1. Response:

json

   {
       "access_token": "shpat_xyz",
       "scope": "read_customers,write_draft_orders",
       "expires_in": 86399
   }
8

Update: I actually got it to work.

  1. Create App: Log in to the Shopify Developer Dashboard and create a new app.

  2. Set Version & Scopes: Under Versions, create a new version (e.g., v0.1). Select all required Admin API Scopes(permissions). Copy into notepad or something the text of the SCOPES.

  3. Enable Legacy Flow: In the version settings, set “Use legacy install flow” to True.

  4. Set Redirect URL: Add https://localhost/ to the Allowed redirection URL(s).

  5. Release: Click Release to make this version active.

  6. Get Credentials: Go to Settings and copy your Client ID and Client Secret.

Now to get the Admin API Token

  1. Construct Link: Build the following URL by replacing {SHOP_NAME} and {CLIENT_ID}and {SCOPES} (from above) with your specific info:
    https://{SHOP_NAME}.myshopify.com/admin/oauth/authorize?client_id={CLIENT_ID}&scope={SCOPES}&redirect_uri=https://localhost/&response_type=code

  2. Capture Code: A page with “install” should appear. Once you click install you will be sent to a broken localhost page. Copy the string after code= in the address bar. (Note: This code expires in 60 seconds).

  3. Immediately run this command in your terminal to exchange the code for your permanent token:

curl -X POST "https://{SHOP_NAME}.myshopify.com/admin/oauth/access_token" \

-H "Content-Type: application/x-www-form-urlencoded" \

-d "client_id={CLIENT ID}" \

-d "client_secret={CLIENT SECRET}" \

-d "code={CODE}"

  • Permanent Token: The response will contain an access_token starting with shpat_.

  • Static Status: If the JSON response does not contain an "expires_in" field, the token is an offline token and is permanent.

  • Usage: Use this token as the “Admin API Access Token” in your connection