Custom app needs access to order data (products, price, quantity) without requesting customer data permissions during install.
Install flow shows a “Customers — View customer data” permission, which the developer wants to avoid.
Suggestion offered: use Shopify Admin GraphQL to query only order fields (e.g., line items, quantities) and exclude personal customer information.
Update from the developer: switching from REST to GraphQL did not remove the customer data permission; the install screen still requests access to customer data.
Implication: Choosing GraphQL vs REST and limiting fields in queries does not change the required install scopes for orders in this case.
References/Artifacts: Shopify “protected customer data” documentation was cited; screenshots of the permissions prompt are central to the discussion.
Status: Unresolved. The developer concludes it appears not possible to obtain order data without triggering customer data permissions for custom apps and asks for any alternative solutions; no confirmed workaround provided.
Summarized with AI on December 16.
AI used: gpt-5.
We built a custom app that requires order data (products, price and quantity), but it does not need customer data. The app creates products and then tracks orders placed including these products using the app.
When installing the app it asks for customer data permissions, which we want to remove:
To gain order data without accessing customer data, you can use Shopify’s GraphQL API to retrieve specific order-related details. The orders query allows you to fetch data like product IDs, quantities, and shipping methods while excluding personal customer information. This ensures privacy while still providing valuable insights into sales and order trends. Structuring the query to only pull relevant order data is the key.
Can I please confirm that using GraphQL API instead will remove the customer permission during installation even if its a custom app? I just wanted to confirm before I make these changes please.
