Shopify access

Before requesting Shopify access

Use this page when a report finding may need Shopify storefront, theme or app context and the customer can grant a limited review scope. Shopify access should stay tied to the customer-owned store, target theme and exact fix workflow. Do not request broad staff access, customer records, order data, payment data or unrelated app scopes. If Shopify access cannot stay narrow, use ticket_only_fallback with customer-applied theme instructions.

Request scoped Shopify theme access

Follow the path `Report fix workflow → Platform access option → Shopify theme scope → Customer grant or ticket-only fallback → Revoke path`.

1. Open /reports/{report} and review the automated fix workflow platform access options. Result: shopify_theme appears only when the finding may need Shopify storefront, theme or app context.
2. Choose the Shopify access option for the customer-owned store. Result: platform_access_mode and requested_permission are set to shopify_theme_review.
3. Confirm the target store and theme before requesting access. Result: shopify_access_status, shopify_scope and theme_id describe the exact store and theme boundary.
4. Review connector_status and plain_text_sensitive_values_allowed before sharing instructions. Result: WebRiskOps requests structured Shopify access and blocks credentials in chat, tickets or documentation.
5. Use ticket_only_fallback when staff access, app scope, customer data or payment data would be unsafe. Result: remediation can continue with customer-applied Shopify theme instructions.
6. After access is granted or fallback is chosen, continue to GTM access or Access modes and required scopes. Result: the next platform step stays scoped to its own approval boundary.

Ready Shopify states

Continue only when the product shows a scoped and customer-safe state.

• Structured request ready means platform_access_mode is shopify_theme and requested_permission is shopify_theme_review.
• Store matched means shopify_access_status points to the customer-owned store tied to the report.
• Theme scoped means shopify_scope and theme_id identify the target storefront theme or review boundary.
• No plain-text credentials means plain_text_sensitive_values_allowed is false and access happens through the product flow.
• Fallback available means ticket_only_fallback can carry customer-applied Shopify theme instructions when connected access is unsafe.

Blocked or unsafe Shopify states

Do not work around unsafe Shopify access. Use fallback or a narrower scope before the customer shares anything sensitive.

• Store mismatch means stop and return to the project or report that owns the affected storefront.
• Missing app scope means reconnect or request only the minimum Shopify theme review scope.
• Broad staff access means reject the request and use ticket_only_fallback or a narrower structured flow.
• Customer or order data request means stop because standard remediation does not need customer records, payment data or order history.
• Theme mismatch means confirm theme_id before reviewing or changing storefront code.
• Secret boundary risk means use Revoke and no-secret boundaries before tokens, private app credentials or source snippets enter artifacts.

Continue from Shopify access

Continue to GTM access when the next finding needs tag or container review. Continue to Access modes and required scopes when the customer needs to compare Shopify access against other platform modes. Use Shopify diagnostics when the customer needs app-provided evidence instead of connected staff access. Use Safe fallback paths when staff access, app scope, store mismatch or data boundary issues make connected access unsafe.