Skip to main content

Shopify Private App Token

Description

General

  • Documentation: https://help.shopify.com/en/manual/apps/private-apps
  • Summary: Shopify is an e-commerce company that offers online retailers a suite of services including payments, marketing, shipping and customer engagement tools to simplify the process of running an online store. A private application allows to integrate custom web services with a Shopify store, by associating credentials to a given scope over the Shopify API.
  • IPs allowlist: This is not mentioned in the documentation.
  • Scopes: Various scopes can be attributed to an application. Read the Access scopes page of the documentation for more details.

Revoke the secret

There doesn't seem to be a simple way to revoke this secret within an application. In order to revoke the secret, delete the private application, and create a new one with the same scopes.

Check for suspicious activity

This feature is not mentioned in the documentation.

Details for Shopify private app token

  • Family: Api

  • Category: E-commerce

  • Company: Shopify

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 1.81

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator
patterns:
- shppa_[a-f0-9]{32}

Examples

- text: |
shopify_app_secret: "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"
token: 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

# Fat-fingered secret
- text: X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
token: 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

How can I help you ?