Choose a version:

customerAccessTokenCreate

mutation

Requires unauthenticated_write_customers access scope.

For legacy customer accounts only.

Creates a CustomerAccessToken using the customer's email and password. The access token is required to read or modify the Customer object, such as updating account information or managing addresses.

The token has an expiration time. Use customerAccessTokenRenew to extend the token before it expires, or create a new token if it's already expired.

Caution

This mutation handles customer credentials. Always transmit requests over HTTPS and never log or expose the password.

Anchor to Arguments

Arguments

Anchor to inputinput

•CustomerAccessTokenCreateInput!

required

The fields used to create a customer access token.

Was this section helpful?

Anchor to CustomerAccessTokenCreatePayload returnsCustomerAccessTokenCreatePayload returns

Anchor to customerAccessTokencustomerAccessToken •CustomerAccessToken: The newly created customer access token object.
Anchor to customerUserErrorscustomerUserErrors •[CustomerUserError!]! non-null: The list of errors that occurred from executing the mutation.
Anchor to userErrorsuserErrors •[UserError!]! non-nullDeprecated: The list of errors that occurred from executing the mutation.

Was this section helpful?

Examples

Create a customer access token

Description

Creates a unique customer access token that's required to read and modify the [Customer](https://shopify.dev/api/storefront/latest/objects/customer) object.

Query

mutation customerAccessTokenCreate {
  customerAccessTokenCreate(input: {email: "ghaida@example.com", password: "7dx2gx2Z"}) {
    customerAccessToken {
      accessToken
    }
    customerUserErrors {
      message
    }
  }
}

cURL

curl -X POST \
https://your-development-store.myshopify.com/api/unstable/graphql.json \
-H 'Content-Type: application/json' \
-H 'X-Shopify-Storefront-Access-Token: {storefront_access_token}' \
-d '{
"query": "mutation customerAccessTokenCreate { customerAccessTokenCreate(input: {email: \"ghaida@example.com\", password: \"7dx2gx2Z\"}) { customerAccessToken { accessToken } customerUserErrors { message } } }"
}'

React Router

import { unauthenticated } from "../shopify.server";

export const loader = async () => {
  const { storefront } = await unauthenticated.storefront(
    'your-development-store.myshopify.com'
  );
  const response = await storefront.graphql(
    `#graphql
  mutation customerAccessTokenCreate {
    customerAccessTokenCreate(input: {email: "ghaida@example.com", password: "7dx2gx2Z"}) {
      customerAccessToken {
        accessToken
      }
      customerUserErrors {
        message
      }
    }
  }`,
  );
  const json = await response.json();
  return json.data;
}

Node.js

const client = new shopify.clients.Storefront({
  domain: 'your-development-store.myshopify.com',
  storefrontAccessToken,
});
const data = await client.query({
  data: `mutation customerAccessTokenCreate {
    customerAccessTokenCreate(input: {email: "ghaida@example.com", password: "7dx2gx2Z"}) {
      customerAccessToken {
        accessToken
      }
      customerUserErrors {
        message
      }
    }
  }`,
});

Response

{
  "customerAccessTokenCreate": {
    "customerAccessToken": {
      "accessToken": "ghaidas_token"
    },
    "customerUserErrors": []
  }
}

Get a customer by customer access token

Description

Retrieves the customer with the associated access token and returns the customer fields specified in the query.

Query

query {
  customer(customerAccessToken: "bobs_token") {
    id
    firstName
    lastName
    acceptsMarketing
    email
    phone
  }
}

cURL

curl -X POST \
https://your-development-store.myshopify.com/api/unstable/graphql.json \
-H 'Content-Type: application/json' \
-H 'X-Shopify-Storefront-Access-Token: {storefront_access_token}' \
-d '{
"query": "query { customer(customerAccessToken: \"bobs_token\") { id firstName lastName acceptsMarketing email phone } }"
}'

React Router

import { unauthenticated } from "../shopify.server";

export const loader = async () => {
  const { storefront } = await unauthenticated.storefront(
    'your-development-store.myshopify.com'
  );
  const response = await storefront.graphql(
    `#graphql
  query {
    customer(customerAccessToken: "bobs_token") {
      id
      firstName
      lastName
      acceptsMarketing
      email
      phone
    }
  }`,
  );
  const json = await response.json();
  return json.data;
}

Node.js

const client = new shopify.clients.Storefront({
  domain: 'your-development-store.myshopify.com',
  storefrontAccessToken,
});
const data = await client.query({
  data: `query {
    customer(customerAccessToken: "bobs_token") {
      id
      firstName
      lastName
      acceptsMarketing
      email
      phone
    }
  }`,
});

Response

{
  "customer": {
    "id": "gid://shopify/Customer/410535040",
    "firstName": "John",
    "lastName": "Smith",
    "acceptsMarketing": false,
    "email": "johnsmith@example.com",
    "phone": "+16134504533"
  }
}

customerAccessTokenCreate reference

Examples

Open in GraphiQL

import { unauthenticated } from "../shopify.server";

export const loader = async () => {

const { storefront } = await unauthenticated.storefront(

'your-development-store.myshopify.com'

);

const response = await storefront.graphql(

`#graphql

mutation customerAccessTokenCreate {

customerAccessTokenCreate(input: {email: "ghaida@example.com", password: "7dx2gx2Z"}) {

customerAccessToken {

accessToken

}

customerUserErrors {

message

}

}`,

);

const json = await response.json();

return json.data;

}

GQL

mutation customerAccessTokenCreate {
  customerAccessTokenCreate(input: {email: "ghaida@example.com", password: "7dx2gx2Z"}) {
    customerAccessToken {
      accessToken
    }
    customerUserErrors {
      message
    }
  }
}

cURL

curl -X POST \
https://your-development-store.myshopify.com/api/unstable/graphql.json \
-H 'Content-Type: application/json' \
-H 'X-Shopify-Storefront-Access-Token: {storefront_access_token}' \
-d '{
"query": "mutation customerAccessTokenCreate { customerAccessTokenCreate(input: {email: \"ghaida@example.com\", password: \"7dx2gx2Z\"}) { customerAccessToken { accessToken } customerUserErrors { message } } }"
}'

React Router

import { unauthenticated } from "../shopify.server";

export const loader = async () => {
  const { storefront } = await unauthenticated.storefront(
    'your-development-store.myshopify.com'
  );
  const response = await storefront.graphql(
    `#graphql
  mutation customerAccessTokenCreate {
    customerAccessTokenCreate(input: {email: "ghaida@example.com", password: "7dx2gx2Z"}) {
      customerAccessToken {
        accessToken
      }
      customerUserErrors {
        message
      }
    }
  }`,
  );
  const json = await response.json();
  return json.data;
}

Node.js

const client = new shopify.clients.Storefront({
  domain: 'your-development-store.myshopify.com',
  storefrontAccessToken,
});
const data = await client.query({
  data: `mutation customerAccessTokenCreate {
    customerAccessTokenCreate(input: {email: "ghaida@example.com", password: "7dx2gx2Z"}) {
      customerAccessToken {
        accessToken
      }
      customerUserErrors {
        message
      }
    }
  }`,
});

Response

JSON

{

"customerAccessTokenCreate": {

"customerAccessToken": {

"accessToken": "ghaidas_token"

"customerUserErrors": []

}