Skip to main content

Shopify Private App Token

Description#

General#

  • Documentation: https://help.shopify.com/en/manual/apps/private-apps
  • Summary: Shopify is an e-commerce company that offers online retailers a suite of services including payments, marketing, shipping and customer engagement tools to simplify the process of running an online store. A private application allows to integrate custom web services with a Shopify store, by associating credentials to a given scope over the Shopify API.
  • IPs allowlist: This is not mentioned in the documentation.
  • Scopes: Various scopes can be attributed to an application. Read the Access scopes page of the documentation for more details.

Revoke the secret#

There doesn't seem to be a simple way to revoke this secret within an application. In order to revoke the secret, delete the private application, and create a new one with the same scopes.

Check for suspicious activity#

This feature is not mentioned in the documentation.

Details for Shopify private app token#

  • Family: Api

  • Category: Other

  • Company: Shopify

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 13.3

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - shppa_[a-f0-9]{32}

Examples#

- text: >    shopify_app_secret: "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"  token: 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