Authenticate your agent

Shopify provides a global access token that authenticates your agent with both the Catalog and Checkout MCP servers. You can generate this token from the Dev Dashboard using your client credentials.

This tutorial shows you how to create API credentials, generate a JWT-formatted bearer token, and store it for use in subsequent requests.

Anchor to RequirementsRequirements

Access to Shopify's Dev Dashboard to generate API credentials

Anchor to Generate API credentialsGenerate API credentials

Get your client credentials and generate API keys to authenticate with the Catalog MCP server.

In Dev Dashboard click Catalogs from the sidebar.
Click Get an API key. Name your key, and then click Create.
Obtain your client credentials (client ID and secret) for the newly created key.
Make a POST request to the token endpoint to generate a JWT-formatted bearer token you'll use for subsequent requests:

Terminal
curl --request POST \
--url https://api.shopify.com/auth/access_token \
--header 'Content-Type: application/json' \
--data '{
"client_id": "{your_client_id}",
"client_secret": "{your_client_secret}",
"grant_type": "client_credentials"
}'
Create a .env file and add your token:

.env
BEARER_TOKEN={your_token}

Tokens
Don't commit this sensitive token. It's included in a .env file here to help you through this tutorial easily, but it's assumed that you're following best practices and not committing this file.
This token also expires, so if you plan on continuing to use .env files you'll need to update its value regularly. You can also integrate token generation just before requests are made in the steps to keep them from expiring.
See the Catalog MCP Authentication reference for more information.

Anchor to Next stepsNext steps

Search the catalog

Now that you're authenticated, you're ready to search Shopify Catalog.

Was this page helpful?