Core customer portal APIs for managing customer account settings, authentication, and portal configurations.
Customer Portal APIs (0.0.1)
Comprehensive API documentation for the customer-facing subscription portal. These APIs enable customers to manage their subscriptions, update billing information, modify delivery schedules, and access their account details through your storefront.
Important: These APIs must be called from your shop's domain (e.g., https://www.myshop.com/apps/subscriptions/cp/api/**) and require customer authentication. Unauthenticated requests will return a 401 Unauthorized error.
Request
Allows a customer to redeem their loyalty points for a specific reward option. This deducts points from their balance and generates a discount code or applies the reward.
What happens:
- Validates customer has enough points
- Deducts points from customer's balance
- Generates discount code (for discount rewards)
- Records redemption in customer's history
- Returns discount code or confirmation
Reward Types:
- Discount codes: Generates unique code customer can use at checkout
- Auto-apply discounts: Automatically applied to next order
- Free products: Adds free product to next order
- Free shipping: Waives shipping on next order
Important Notes:
- Points are deducted immediately and cannot be refunded
- Discount codes typically expire after 30 days
- Some rewards have minimum purchase requirements
- Rewards cannot be combined with other discounts (depends on configuration)
Use Cases:
- Customer clicks 'Redeem' button in customer portal
- Apply points at checkout
- Redeem points for subscription discount
Authentication: Customer must be logged in via Shopify customer session
- https://www.myshop.com/apps/subscriptions/cp/api/loyalty-integration/redeem
curl -i -X POST \
  'https://www.myshop.com/apps/subscriptions/cp/api/loyalty-integration/redeem?customerId=gid%3A%2F%2Fshopify%2FCustomer%2F6548267876558&redeemOptionId=1&points=0'

Response:
"LOYALTY500-ABC123"
Request
Initiates the OAuth 2.0 authorization flow for Shopify's Customer Account API. This endpoint is used when a customer wants to grant the subscription app access to their Shopify customer account data.
What is Customer Account API? Shopify's Customer Account API allows apps to access customer data (orders, addresses, payment methods) on behalf of the customer. This requires customer consent through an OAuth flow.
How it works:
- Customer portal calls this endpoint with a return URL
- Backend generates PKCE challenge and state parameter
- Returns authorization URL to redirect customer to Shopify
- Customer authorizes on Shopify
- Shopify redirects back to callback endpoint with authorization code
- Callback endpoint exchanges code for access token
Important Notes:
- Requires customer to be logged in to the Shopify store
- Only works with stores that have 'New Customer Accounts' enabled
- Uses PKCE (Proof Key for Code Exchange) for security
- State parameter prevents CSRF attacks
- Access tokens are stored securely and used for subsequent Customer Account API calls
Authentication: Customer must be logged in via Shopify customer session
OAuth initiation request with return URL
- https://www.myshop.com/apps/subscriptions/cp/api/customer-account-api/initiate
curl -i -X POST \
  https://www.myshop.com/apps/subscriptions/cp/api/customer-account-api/initiate \
  -H 'Content-Type: application/json' \
  -d '{
    "returnUrl": "https://myshop.com/account/subscriptions"
  }'

Response:
{
  "authorizationUrl": "https://shopify.com/12345/auth/oauth/authorize?client_id=...",
  "state": "random-state-value-for-csrf-protection"
}
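The backend half of the flow described above, as an added example (not the app's own code): it generates the PKCE pair and state, restricts the return URL to the shop's own hosts, and rejects a callback whose state does not match. The client ID, callback URL, host allowlist and in-memory `PENDING` store are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, urlparse

# Assumed values for illustration; only the authorize URL shape comes from the page.
AUTHORIZE_ENDPOINT = "https://shopify.com/12345/auth/oauth/authorize"
CLIENT_ID = "example-client-id"                      # placeholder
CALLBACK_URL = "https://app.example/oauth/callback"  # placeholder
ALLOWED_RETURN_HOSTS = {"myshop.com", "www.myshop.com"}
PENDING = {}  # session_id -> pending flow; stands in for server-side session storage


def s256_challenge(verifier):
    """code_challenge = BASE64URL(SHA256(code_verifier)), unpadded (RFC 7636, S256)."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def initiate(session_id, return_url):
    """Build the authorization URL; keep the verifier and state on the server."""
    parsed = urlparse(return_url)
    if parsed.scheme != "https" or parsed.hostname not in ALLOWED_RETURN_HOSTS:
        raise ValueError("returnUrl must be an https URL on the shop's own domain")
    verifier = secrets.token_urlsafe(64)  # 86 characters, inside the 43..128 limit
    state = secrets.token_urlsafe(32)
    PENDING[session_id] = {"state": state, "verifier": verifier, "return_url": return_url}
    query = urlencode({
        "client_id": CLIENT_ID, "response_type": "code", "redirect_uri": CALLBACK_URL,
        "state": state, "code_challenge": s256_challenge(verifier),
        "code_challenge_method": "S256",
    })
    return {"authorizationUrl": f"{AUTHORIZE_ENDPOINT}?{query}", "state": state}


def handle_callback(session_id, returned_state, code):
    """Verify state, then return the form fields for the token exchange request."""
    flow = PENDING.pop(session_id, None)  # single use: a replayed callback finds nothing
    supplied = returned_state.encode("utf-8")
    if flow is None or not hmac.compare_digest(flow["state"].encode("utf-8"), supplied):
        raise PermissionError("state mismatch or unknown flow: rejecting callback")
    return {
        "grant_type": "authorization_code", "client_id": CLIENT_ID, "code": code,
        "redirect_uri": CALLBACK_URL, "code_verifier": flow["verifier"],
    }
```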
Request
Executes GraphQL queries against Shopify's Customer Account API on behalf of the authenticated customer. This endpoint handles token management, refresh, and authentication automatically.
What you can query:
- Customer profile information
- Order history and details
- Saved addresses
- Payment methods
- Subscriptions (via Customer Account API schema)
Token Management:
- Automatically uses stored access token
- Refreshes expired tokens automatically
- Returns 401 if customer needs to re-authenticate
Example Queries:
query {
  customer {
    id
    emailAddress { emailAddress }
    defaultAddress { address1 city }
  }
}

Authentication: Customer must be logged in and have completed OAuth flow
GraphQL query and optional variables
- https://www.myshop.com/apps/subscriptions/cp/api/customer-account-api/graphql
curl -i -X POST \
  https://www.myshop.com/apps/subscriptions/cp/api/customer-account-api/graphql \
  -H 'Content-Type: application/json' \
  -d '{
    "query": "query { customer { id emailAddress { emailAddress } } }",
    "variables": {}
  }'

Response:
{ "data": { "customer": { … } } }