Storefront API access scopes
Unauthenticated access scopes
Unauthenticated access scopes control access to objects in the Storefront API. Unauthenticated access is intended for interacting with a store on behalf of a customer to perform actions such as viewing products or initiating a checkout.
A storefront access token is required to make requests to the Storefront API. Any storefront access tokens created by your app automatically inherit the unauthenticated access scopes granted to it.
The following unauthenticated scopes can be requested:
unauthenticated_read_product_listings
Unauthenticated access to read the Product and Collection objects.unauthenticated_read_product_tags
Unauthenticated access to read thetags
field on the Product object.unauthenticated_write_checkouts, unauthenticated_read_checkouts
Unauthenticated access to the Checkout object.unauthenticated_write_customers, unauthenticated_read_customers
Unauthenticated access to the Customer object.unauthenticated_read_customer_tags
Unauthenticated access to read thetags
field on the Customer object.unauthenticated_read_content
Unauthenticated access to read storefront content, such as Article, Blog, and Comment objects.