Alternatives for Setting password and passwordconfirmation in Shopify's New GraphQL APIs

Shopify Apps
, , ,

Topic summary

Deprecation of direct password fields in Shopify’s new GraphQL APIs is blocking apps from setting customer.password and customer.passwordconfirmation during customer create/update operations. “Deprecation” here means those fields are being phased out and can no longer be used.

The author seeks a secure alternative that aligns with Shopify’s move toward customer activation and password reset email flows (i.e., prompting customers via email to set or change their password). They specifically ask whether there are official mutations or workflows that replace the removed fields for setting/updating passwords.

Decisions/outcomes: None yet. No specific mutation or workflow has been identified in this thread. The request remains open for guidance on best-practice replacements under the new API constraints.

Summarized with AI on December 16. AI used: gpt-5.
1

I’ve noticed that Shopify’s new GraphQL APIs have deprecated direct access to customer.password and customer.passwordconfirmation, so we can no longer set passwords directly when creating or updating customer accounts. Has anyone found an alternative approach for setting or updating customer passwords with the new API changes?

I’m looking for a way to handle this securely, as it seems there’s a shift toward customer activation and password reset emails. Are there specific mutations or workflows that can replace the deprecated fields?