Skip to main content

Set up the Shopify MCP server

The Shopify MCP server gives AI agents access to store data through the Admin GraphQL API — products, collections, inventory, orders, customers, discount codes, and ShopifyQL analytics. This guide covers creating a Shopify app in the Dev Dashboard, configuring OAuth, and connecting it to MintMCP.

Prerequisites

  • A MintMCP admin account
  • A Shopify store with admin access

Create a Shopify app

Shopify apps are created in the Dev Dashboard, which you reach from your store's admin.

  1. Sign in at shopify.com and open the admin of the store you want to connect (admin.shopify.com).
  2. Click Settings in the bottom-left corner.
Settings link in the Shopify admin sidebar
  1. In the settings menu, click Apps.
Settings menu with Apps highlighted
  1. Click Develop apps in the top-right corner.
Develop apps button on the Apps settings page
  1. Click Build apps in Dev Dashboard. This redirects you to the Shopify Dev Dashboard.
App development page with the Build apps in Dev Dashboard button
  1. In the Dev Dashboard, click Create app under Get API credentials.
Dev Dashboard landing page with the Create app link under Get API credentials
  1. Under Start from Dev Dashboard, enter an app name — for example, MintMCP OAuth — and click Create.
Create an app screen with the Start from Dev Dashboard option and app name field

Configure and release a version

The app URL, scopes, and redirect URLs live in app versions, and the configuration only takes effect when you release one.

  1. Click Create version.
  2. Set App URL to https://app.mintmcp.com.
  3. Leave Embed app in Shopify admin unchecked — the app runs through MintMCP, not inside the Shopify admin.
Create version page with the App URL field and the Embed app in Shopify admin checkbox unchecked

  1. Under Access > Scopes, paste this comma-separated list — or click Select scopes and pick them by hand:

    read_products,write_products,read_inventory,write_inventory,read_locations,read_orders,read_customers,read_discounts,write_discounts,read_reports
Access section with scopes entered as a comma-separated list
  1. Under Redirect URLs, enter https://app.mintmcp.com/oauth/callback.
Redirect URLs field with the MintMCP OAuth callback
  1. Click Release. You'll be asked for a version name and message — both are optional, so you can skip them.

Each scope grants the following access:

ScopeAccess granted
read_productsRead product listings
write_productsCreate and update products
read_inventoryRead inventory levels
write_inventoryUpdate inventory
read_locationsRead store locations
read_ordersRead orders
read_customersRead customer data
read_discountsRead discount codes
write_discountsCreate and update discount codes
read_reportsRead ShopifyQL analytics and reports

Copy the client ID and client secret

  1. In the app's left menu, click Settings.
App navigation with Settings selected
  1. In the Credentials card, copy the Client ID, then reveal and copy the Secret. You'll need both in a later step — keep the secret private.
Credentials card showing the client ID and hidden secret

Install the app on your store

The app can only access stores it's installed on.

  1. Click the app name in the left menu to open its Overview page.
App overview page with the Install app button in the Installs card
  1. In the Installs card, click Install app.
  2. Select the store you want to connect.
Store picker showing the store to install the app on
  1. Review the requested access and click Install.
Install confirmation dialog listing the data the app needs access to

Add Shopify to MintMCP

Shopify OAuth endpoints are per-store — each connector instance connects to exactly one store. {store} is a placeholder for your store's myshopify.com subdomain.

  1. In MintMCP, go to MCP store > Manage store.

  2. Find Shopify in the recommended servers and click Install, then Continue. A setup page appears with the connector configuration.

  3. Set SHOPIFY_STORE_DOMAIN to {store}.myshopify.com with Global scope.

  4. Set Authorization URL to https://{store}.myshopify.com/admin/oauth/authorize.

  5. Set Token URL to https://{store}.myshopify.com/admin/oauth/access_token.

  6. Set Scopes to the same comma-separated list you used in the Shopify app:

    read_products,write_products,read_inventory,write_inventory,read_locations,read_orders,read_customers,read_discounts,write_discounts,read_reports

  7. Enter the Client ID and Client Secret you copied from the app's Settings > Credentials card.

  8. Confirm the Redirect URL shown on the setup page matches https://app.mintmcp.com/oauth/callback. It must be identical to the one in your Shopify app version, or authentication fails.

  9. Click Install again to finish.

Security considerations

  • The client secret grants OAuth access on behalf of your Shopify app — store it securely and rotate it if exposed.
  • The connector uses offline access tokens, so permissions come from the app's scopes rather than the authenticating user's store role — every user gets the same store-level access. Grant only the scopes your team needs.
  • Shopify OAuth tokens are per-store — this connector serves only the one store you configured.
  • SHOPIFY_STORE_DOMAIN is set globally, so all users connect to the same store.
  • Write-capable tools (product edits, inventory changes, discount creation) carry destructive annotations in MCP, so clients that respect these annotations will prompt users before executing write operations.

Next steps