--- title: CustomerAccessToken - Storefront API description: >- A CustomerAccessToken represents the unique token required to make modifications to the customer object. api_version: 2025-10 api_name: storefront type: object api_type: graphql source_url: html: 'https://shopify.dev/docs/api/storefront/latest/objects/CustomerAccessToken' md: >- https://shopify.dev/docs/api/storefront/latest/objects/CustomerAccessToken.md --- # Customer​Access​Token object Requires `unauthenticated_read_customers` access scope. A CustomerAccessToken represents the unique token required to make modifications to the customer object. ## Fields * access​Token [String!](https://shopify.dev/docs/api/storefront/latest/scalars/String) non-null Token access required The customer’s access token. * expires​At [Date​Time!](https://shopify.dev/docs/api/storefront/latest/scalars/DateTime) non-null Token access required The date and time when the customer access token expires. *** ## Map No referencing types *** ## Mutations * [customer​Access​Token​Create](https://shopify.dev/docs/api/storefront/latest/mutations/customerAccessTokenCreate) mutation Creates a customer access token. The customer access token is required to modify the customer object in any way. * input [Customer​Access​Token​Create​Input!](https://shopify.dev/docs/api/storefront/latest/input-objects/CustomerAccessTokenCreateInput) required ### Arguments The fields used to create a customer access token. *** * [customer​Access​Token​Create​With​Multipass](https://shopify.dev/docs/api/storefront/latest/mutations/customerAccessTokenCreateWithMultipass) mutation Creates a customer access token using a [multipass token](https://shopify.dev/api/multipass) instead of email and password. A customer record is created if the customer doesn't exist. If a customer record already exists but the record is disabled, then the customer record is enabled. * multipass​Token [String!](https://shopify.dev/docs/api/storefront/latest/scalars/String) required ### Arguments A valid [multipass token](https://shopify.dev/api/multipass) to be authenticated. *** * [customer​Access​Token​Renew](https://shopify.dev/docs/api/storefront/latest/mutations/customerAccessTokenRenew) mutation Renews a customer access token. Access token renewal must happen *before* a token expires. If a token has already expired, a new one should be created instead via `customerAccessTokenCreate`. * customer​Access​Token [String!](https://shopify.dev/docs/api/storefront/latest/scalars/String) required ### Arguments The access token used to identify the customer. *** * [customer​Activate](https://shopify.dev/docs/api/storefront/latest/mutations/customerActivate) mutation Activates a customer. * id [ID!](https://shopify.dev/docs/api/storefront/latest/scalars/ID) required ### Arguments Specifies the customer to activate. * input [Customer​Activate​Input!](https://shopify.dev/docs/api/storefront/latest/input-objects/CustomerActivateInput) required The fields used to activate a customer. *** * [customer​Activate​By​Url](https://shopify.dev/docs/api/storefront/latest/mutations/customerActivateByUrl) mutation Activates a customer with the activation url received from `customerCreate`. * activation​Url [URL!](https://shopify.dev/docs/api/storefront/latest/scalars/URL) required ### Arguments The customer activation URL. * password [String!](https://shopify.dev/docs/api/storefront/latest/scalars/String) required A new password set during activation. *** * [customer​Reset](https://shopify.dev/docs/api/storefront/latest/mutations/customerReset) mutation "Resets a customer’s password with the token received from a reset password email. You can send a reset password email with the [`customerRecover`](https://shopify.dev/api/storefront/latest/mutations/customerRecover) mutation." * id [ID!](https://shopify.dev/docs/api/storefront/latest/scalars/ID) required ### Arguments Specifies the customer to reset. * input [Customer​Reset​Input!](https://shopify.dev/docs/api/storefront/latest/input-objects/CustomerResetInput) required The fields used to reset a customer’s password. *** * [customer​Reset​By​Url](https://shopify.dev/docs/api/storefront/latest/mutations/customerResetByUrl) mutation "Resets a customer’s password with the reset password URL received from a reset password email. You can send a reset password email with the [`customerRecover`](https://shopify.dev/api/storefront/latest/mutations/customerRecover) mutation." * reset​Url [URL!](https://shopify.dev/docs/api/storefront/latest/scalars/URL) required ### Arguments The customer's reset password url. * password [String!](https://shopify.dev/docs/api/storefront/latest/scalars/String) required New password that will be set as part of the reset password process. *** * [customer​Update](https://shopify.dev/docs/api/storefront/latest/mutations/customerUpdate) mutation Updates an existing customer. * customer​Access​Token [String!](https://shopify.dev/docs/api/storefront/latest/scalars/String) required ### Arguments The access token used to identify the customer. * customer [Customer​Update​Input!](https://shopify.dev/docs/api/storefront/latest/input-objects/CustomerUpdateInput) required The customer object input. *** *** ## <\~> CustomerAccessToken Mutations ### Mutated by * <\~>[customer​Access​Token​Create](https://shopify.dev/docs/api/storefront/latest/mutations/customerAccessTokenCreate) * <\~>[customer​Access​Token​Create​With​Multipass](https://shopify.dev/docs/api/storefront/latest/mutations/customerAccessTokenCreateWithMultipass) * <\~>[customer​Access​Token​Renew](https://shopify.dev/docs/api/storefront/latest/mutations/customerAccessTokenRenew) * <\~>[customer​Activate](https://shopify.dev/docs/api/storefront/latest/mutations/customerActivate) * <\~>[customer​Activate​By​Url](https://shopify.dev/docs/api/storefront/latest/mutations/customerActivateByUrl) * <\~>[customer​Reset](https://shopify.dev/docs/api/storefront/latest/mutations/customerReset) * <\~>[customer​Reset​By​Url](https://shopify.dev/docs/api/storefront/latest/mutations/customerResetByUrl) * <\~>[customer​Update](https://shopify.dev/docs/api/storefront/latest/mutations/customerUpdate)