---
title: AccessScope
description: View the access scopes approved by merchants during installation of your app.
api_version: unstable
api_name: admin-rest
api_type: rest
source_url:
  html: https://shopify.dev/docs/api/admin-rest/unstable/resources/accessscope
  md: https://shopify.dev/docs/api/admin-rest/unstable/resources/accessscope.md
---

![](https://shopify.dev/images/logos/GraphQL.svg)![](https://shopify.dev/images/logos/GraphQL-dark.svg)

The REST Admin API is a legacy API as of October 1, 2024. Starting April 1, 2025, all new public apps must be built exclusively with the [GraphQL Admin API](https://shopify.dev/docs/api/admin-graphql). For details and migration steps, visit our [migration guide](https://shopify.dev/docs/apps/build/graphql/migrate).

# Access​Scope

The AccessScope resource allows you to retrieve the permissions that a merchant has granted to an app, such as `read_orders` and `write_products`. These permissions allow apps to access data from a shop, and are granted when a merchant installs the app or updates an existing installation of the app.

The list of access scopes retrieved is based on the access token for the request. It returns only those access scopes that are associated with the token.

For more information about access scopes, see the [access scopes API reference](https://shopify.dev/api/usage/access-scopes).

Note

If your app is already installed on a shop and you want the merchant to grant additional access scopes, you need to redirect the merchant to the app install page with the additional requested scopes. After a merchant installs the updated app, any subsequent calls made to the AccessScope resource will return the updated list of granted access scopes.

\#

## Endpoints

* [get](https://shopify.dev/docs/api/admin-rest/unstable/resources/accessscope#get-admin-oauth-access-scopes)

  [/admin/oauth/access\_​scopes.​json](https://shopify.dev/docs/api/admin-rest/unstable/resources/accessscope#get-admin-oauth-access-scopes)

  Get a list of access scopes

  [![](https://shopify.dev/images/logos/GraphQL.svg)![](https://shopify.dev/images/logos/GraphQL-dark.svg)](https://shopify.dev/docs/api/admin-graphql/latest/queries/currentAppInstallation?example=get-a-list-of-access-scopes)

  [currentAppInstallation](https://shopify.dev/docs/api/admin-graphql/latest/queries/currentAppInstallation?example=get-a-list-of-access-scopes)

***

## The AccessScope resource

### Properties

***

access\_scopes

->

[![](https://shopify.dev/images/logos/GraphQL.svg)![](https://shopify.dev/images/logos/GraphQL-dark.svg)](https://shopify.dev/docs/api/admin-graphql/latest/objects/AppInstallation#field-AppInstallation.fields.accessScopes)

[accessScopes](https://shopify.dev/docs/api/admin-graphql/latest/objects/AppInstallation#field-AppInstallation.fields.accessScopes)

The list of access scopes associated with the access token.

***

{}

## The AccessScope resource

```json
{
  "access_scopes": [
    {
      "handle": "write_product_listings"
    },
    {
      "handle": "read_shipping"
    }
  ]
}
```

***

## getGet a list of access scopes

[![](https://shopify.dev/images/logos/GraphQL.svg)![](https://shopify.dev/images/logos/GraphQL-dark.svg)](https://shopify.dev/docs/api/admin-graphql/latest/queries/currentAppInstallation?example=get-a-list-of-access-scopes)

[currentAppInstallation](https://shopify.dev/docs/api/admin-graphql/latest/queries/currentAppInstallation?example=get-a-list-of-access-scopes)

Retrieves a list of access scopes associated with the access token.

### Parameters

***

### Examples

List all scopes

get

## /admin/oauth/access\_​scopes.​json

```bash
curl -X GET "https://your-development-store.myshopify.com/admin/oauth/access_scopes.json" \
-H "X-Shopify-Access-Token: {access_token}"
```

{}

## Response

JSON

```json
HTTP/1.1 200 OK
{
  "access_scopes": [
    {
      "handle": "read_products"
    },
    {
      "handle": "write_orders"
    },
    {
      "handle": "read_orders"
    }
  ]
}
```

### examples

* #### List all scopes

  #####

  ```curl
  curl -X GET "https://your-development-store.myshopify.com/admin/oauth/access_scopes.json" \
  -H "X-Shopify-Access-Token: {access_token}"
  ```

  #####

  ```remix
  const client = new shopify.clients.Rest({session});
  const data = await client.get({
    path: '/admin/oauth/access_scopes.json',
  });
  ```

  #####

  ```ruby
  session = ShopifyAPI::Auth::Session.new(
    shop: "your-development-store.myshopify.com",
    access_token: access_token
  )
  client = ShopifyAPI::Clients::Rest::Admin.new(
    session: session
  )

  response = client.get(
    path: '/admin/oauth/access_scopes.json',
  )
  ```

  #####

  ```node
  const client = new shopify.clients.Rest({session});
  const data = await client.get({
    path: '/admin/oauth/access_scopes.json',
  });
  ```

  #### response

  ```json
  HTTP/1.1 200 OK{"access_scopes":[{"handle":"read_products"},{"handle":"write_orders"},{"handle":"read_orders"}]}
  ```