The REST Admin API is a legacy API as of October 1, 2024. All apps and integrations should be built with the GraphQL Admin API. For details and migration steps, visit our migration guide.

REST Admin API reference

The Admin API lets you build apps and integrations that extend and enhance the Shopify admin.

Some newer platform features may only be available in GraphQL.

Use Shopify’s officially supported libraries to build fast, reliable apps with the programming languages and frameworks you already know.

The official package for Remix applications, with full TypeScript support.

Copy
npm install --save @shopify/shopify-app-remix
# or
yarn add @shopify/shopify-app-remix

All REST Admin API queries require a valid Shopify access token.

Public and custom apps created in the Partner Dashboard generate tokens using OAuth, and custom apps made in the Shopify admin are authenticated in the Shopify admin. To simplify the authentication process, use one of the recommended Shopify client libraries.

Include your token as a X-Shopify-Access-Token header on all API queries. Using Shopify’s supported client libraries can simplify this process.

To keep the platform secure, apps need to request specific access scopes during the install process. Only request as much data access as your app needs to work.

Learn more about getting started with authentication and building apps.

Copy
const { admin } = await authenticate.admin(request);
const response = admin.rest.get({path: 'shop'});

Admin REST API endpoints are organized by resource type. You’ll need to use different endpoints depending on your app’s requirements.

All Admin REST API endpoints follow this pattern:

https://{store_name}.myshopify.com/admin/api/2025-01/{resource}.json

The Admin API is versioned, with new releases four times per year. To keep your app stable, make sure you specify a supported version in the URL. Learn more about API versioning.

All REST endpoints support cursor-based pagination. All requests produce HTTP response status codes.

Learn more about API usage.

get
/admin/api/2025-01/products/{product_id}.json
Copy
curl -X GET \
https://{store_name}.myshopify.com/admin/api/2025-01/products/11235813213455.json?fields=id,title \
-H 'Content-Type: application/json' \
-H 'X-Shopify-Access-Token: {access_token}'
{}Response
JSON
HTTP/1.1 200 OK
{
"product": {
"id": 11235813213455,
"title": "Hiking backpack"
}
}

The REST Admin API supports a limit of 40 requests per app per store per minute. This allotment replenishes at a rate of 2 requests per second. The rate limit is increased by a factor of 10 for Shopify Plus stores.


Usage limitations

REST Admin API supports a limit of 40 requests per app per store per minute.


Past the limit, the API will return a 429 Too Many Requests error.

All REST API responses include the X-Shopify-Shop-Api-Call-Limit header, which shows how many requests the client has made, and the total number allowed per minute.

A 429 response will also include a Retry-After header with the number of seconds to wait until retrying your query.

Learn more about rate limits.

{}Header
Copy
X-Shopify-Shop-Api-Call-Limit: 40/40
Retry-After: 2.0
{}Response
JSON
Copy
HTTP/1.1 429 Too Many Requests
{
"customers": [
{
"id": 207119551,
"email": "bob.norman@hostmail.com",
"accepts_marketing": false,
"created_at": "2021-02-12T13:48:32-05:00",
"updated_at": "2021-02-12T13:48:32-05:00",
"first_name": "Bob",
"last_name": "Norman",
"orders_count": 1,
"state": "disabled",
"total_spent": "199.65",
"last_order_id": 450789469,
"note": null,
"verified_email": true,
"multipass_identifier": null,
"tax_exempt": false,
"phone": "+16136120707",
"tags": "",
"last_order_name": "#1001",
"currency": "USD",
"addresses": [
{
"id": 207119551,

All API queries return HTTP status codes that can tell you more about the response.

401 Unauthorized

The client doesn’t have correct authentication credentials.

402 Payment Required

The shop is frozen. The shop owner will need to pay the outstanding balance to unfreeze the shop.

403 Forbidden

The server is refusing to respond. This is typically caused by incorrect access scopes.

404 Not Found

The requested resource was not found but could be available again in the future.

422 Unprocessable Entity

The request body contains semantic errors. This is typically caused by incorrect formatting, omitting required fields, or logical errors such as initiating a checkout for an out-of-stock product.

429 Too Many Requests

The client has exceeded the rate limit.

5xx Errors

An internal error occurred in Shopify. Check out the Shopify status page for more information.

Didn’t find the status code you’re looking for? View the complete list of API status response and error codes.

{}Sample error codes
Copy

HTTP/1.1 401 Unauthorized
{
"errors": "[API] Invalid API key or access token (unrecognized login or wrong password)"
}