Access
A permission that controls access to GraphQL Admin API or Storefront API types. Each scope defines what data an App can read or write, following the format {action}_{resource} where action is typically "read" or "write".
Apps declare required and optional access scopes in their configuration. During installation, merchants review and grant these permissions, determining what shop data the app can access. The granted scopes remain active until the merchant uninstalls the app or revokes them. Apps can programmatically revoke their own dynamically granted optional scopes using .
Anchor to FieldsFields
- Anchor to descriptiondescription•String!non-null
A description of the actions that the access scope allows an app to perform.
- Anchor to handlehandle•String!non-null
A readable string that represents the access scope. The string usually follows the format
{action}_{resource}.{action}isreadorwrite, and{resource}is the resource that the action can be performed on.{action}and{resource}are separated by an underscore. For example,or.
Anchor to MutationsMutations
- •mutation
Revokes previously granted access scopes from an app installation, allowing merchants to reduce an app's permissions without completely uninstalling it. This provides granular control over what data and functionality apps can access.
For example, if a merchant no longer wants an app to access customer information but still wants to use its inventory features, they can revoke the customer-related scopes while keeping inventory permissions active.
Use the
mutation to:- Remove specific permissions from installed apps
- Maintain app functionality while minimizing data exposure
The mutation returns details about which scopes were successfully revoked and any errors that prevented certain permissions from being removed.
Learn more about managing app permissions.
- Anchor to scopesscopes•[String!]!required
The list of scope handles to revoke.
Arguments