Getting started with the GraphQL Admin and REST Admin APIs

The GraphQL Admin and REST Admin APIs let you build apps and other integrations for the Shopify admin using GraphQL or REST. With the APIs, you can create apps that offer functionality at every stage of a store's operation, including shipping, fulfillment, and product management.


The GraphQL Admin and REST Admin APIs require a Shopify access token (for public apps and custom apps) or an API password (for private apps) for making authenticated requests.

Authenticate using OAuth

To get the access token, follow the OAuth authorization flow in the OAuth guide. Include the access token as a X-Shopify-Access-Token header in your requests.

You can obtain an access token either by following the OAuth authorization process or by creating a private app and using that app's API password.

Authenticate using basic HTTP authentication

  1. From your Shopify admin, click Apps.
  2. Click Manage private apps.
  3. Click Create a new private app.
  4. Enter the details for your private app.
  5. Click Save.
  6. Use the generated API password as the access token.

GraphQL Admin API

The GraphQL Admin API is a GraphQL-based alternative to the REST-based Admin API, and makes the functionality of the Shopify admin available at a single GraphQL endpoint:

POST https://{shop}

You can access the GraphQL Admin API using the GraphiQL app, curl, or any HTTP client:

Use the GraphiQL app

We recommend installing Shopify’s own GraphiQL app to explore your shop’s data using the GraphQL Admin API. After you've installed the app, you can test it by running the following query:

POST https://{shop}

View response

Use curl

The following example shows a query for the first 5 product IDs and handles. Replace {shop} with your store’s domain and {password} with the access token you generated in the Authentication section.

POST https://{shop}