Shopify managed installation is an installation method where Shopify installs an app and updates its access scopes without making any calls to the app. This provides the following advantages for the developer and user:
- **Improved performance**: No browser redirects during installation or updates.
- **Less complexity**: Embedded apps can use [token exchange](/docs/apps/build/authentication-authorization/access-tokens/token-exchange) to acquire access tokens, and will no longer need to implement [authorization code grant](/docs/apps/build/authentication-authorization/access-tokens/authorization-code-grant) for installation or access scope changes.
- **Improved user experience**: Faster installations and updates, and no screen flickering.
To enable Shopify managed installation, you need to share the scopes that your app requires in a configuration file that you push to Shopify.
This guide describes how to enable Shopify managed installation for your app.
If you don't use this method, then your app will use [authorization code grant](/docs/apps/build/authentication-authorization/access-tokens/authorization-code-grant), and call your app to determine the required access scopes before proceeding.
## Step 1: Configure your app using Shopify CLI
You can configure your app locally using a TOML file with Shopify CLI. Learn how to [manage your app's configuration using Shopify CLI](/docs/apps/build/cli-for-apps/manage-app-config-files).
## Step 2: Deploy your configuration to Shopify
In your app's TOML file, the access scopes are defined in the `scopes` field as shown below:
You can update the `scopes` field to include the access scopes that your app requires. For example, if your app requires access to the `read_orders` and `write_customers` access scope, you can update the `scopes` field as shown below:
Then you can deploy your app's access scopes to Shopify:
## Step 3: Shopify now manages installing your app and access scope changes
After you deploy your app configuration with your updated scopes, Shopify handles installation and scope updates whenever you deploy changes to your configuration.
## Step 4: Acquire access tokens to make authenticated requests to Shopify APIs
Embedded apps using [Shopify managed install](/docs/apps/build/authentication-authorization/app-installation) should acquire access tokens through [token exchange](/docs/apps/build/authentication-authorization/access-tokens/token-exchange).
Non-embedded apps should use the [authorization code grant flow](/docs/apps/build/authentication-authorization/access-tokens/authorization-code-grant).