# Initiate Customer Account API OAuth flow

Initiates the OAuth 2.0 authorization flow for Shopify's Customer Account API. This endpoint is used when a customer wants to grant the subscription app access to their Shopify customer account data.

What is Customer Account API?

Shopify's Customer Account API allows apps to access customer data (orders, addresses, payment methods) on behalf of the customer. This requires customer consent through an OAuth flow.

How it works:

1. Customer portal calls this endpoint with a return URL
2. Backend generates PKCE challenge and state parameter
3. Returns authorization URL to redirect customer to Shopify
4. Customer authorizes on Shopify
5. Shopify redirects back to callback endpoint with authorization code
6. Callback endpoint exchanges code for access token

Important Notes:

- Requires customer to be logged in to the Shopify store
- Only works with stores that have 'New Customer Accounts' enabled
- Uses PKCE (Proof Key for Code Exchange) for security
- State parameter prevents CSRF attacks
- Access tokens are stored securely and used for subsequent Customer Account API calls

Authentication: Customer must be logged in via Shopify customer session

Endpoint: `POST /subscriptions/cp/api/customer-account-api/initiate`

Version: 0.0.1

## Request fields (application/json):

- `returnUrl` (string)

## Response 200 fields

## Response 503 fields
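
The PKCE and state handling from steps 2, 3, 5 and 6 of "How it works", as an added example that is not the app's own code. The authorization endpoint, client ID, callback URL and in-memory store are placeholders, and the host allowlist check on `returnUrl` is an assumed hardening step the page does not describe.

```python
import base64, hashlib, secrets
from urllib.parse import urlencode, urlsplit

# Placeholders assumed for this example; none of these values come from the page.
AUTHORIZE_ENDPOINT = "https://auth.example.test/authorize"
CLIENT_ID = "example-client-id"
CALLBACK_URL = "https://app.example.test/callback"
ALLOWED_RETURN_HOSTS = {"store.example.test"}
PENDING = {}  # state -> verifier and return URL; stands in for a server-side session store

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def s256_challenge(verifier: str) -> str:
    """RFC 7636 S256: BASE64URL(SHA256(ASCII(code_verifier))), no padding."""
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def initiate(return_url: str) -> str:
    """Steps 2-3: create verifier, challenge and state; return the authorization URL."""
    parts = urlsplit(return_url)
    # Assumed hardening: only known hosts, so returnUrl cannot become an open redirect.
    if parts.scheme != "https" or parts.hostname not in ALLOWED_RETURN_HOSTS:
        raise ValueError("returnUrl not allowed")
    verifier = _b64url(secrets.token_bytes(32))  # 43 chars, within RFC 7636's 43-128 range
    state = _b64url(secrets.token_bytes(32))     # unguessable, ties the callback to this request
    PENDING[state] = {"verifier": verifier, "return_url": return_url}
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": CALLBACK_URL,
        "state": state,
        "code_challenge": s256_challenge(verifier),
        "code_challenge_method": "S256",
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"

def handle_callback(state: str, code: str):
    """Steps 5-6: accept a state once, then build the token request carrying the verifier."""
    entry = PENDING.pop(state, None)  # pop makes the state single-use
    if entry is None:
        raise PermissionError("unknown or replayed state")
    token_request = {
        "grant_type": "authorization_code",
        "client_id": CLIENT_ID,
        "redirect_uri": CALLBACK_URL,
        "code": code,
        "code_verifier": entry["verifier"],
    }
    return token_request, entry["return_url"]
```

The verifier never leaves the backend until the token request, so an authorization code intercepted at the redirect cannot be redeemed without it.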