I’m trying to implement the Client Credentials Grant flow as documented here:
Using the client credentials grant
My setup:
-
Created a custom app via Settings → Apps and sales channels → Develop apps
-
App status: Installed (confirmed in the admin dashboard)
-
Configured Admin API scopes before installation
-
Retrieved Client ID and Client Secret from API credentials tab
The problem:
When I make a POST request to obtain an access token using Client Credentials Grant, I consistently receive a 400
- Oauth error app_not_installed error.
Request format:
POST https://{my-shop}.myshopify.com/admin/oauth/access_token
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
client_id={my_client_id}
client_secret={my_client_secret}
Response:
400 - Oauth error app*_not_*installed: The application is not installed on this shop.
What I’ve tried:
1. Uninstalled and reinstalled the app multiple times
2. Regenerated the Client Secret
3. Verified the app appears as “Installed” in the Develop apps section
4. Confirmed all API scopes were configured before installation
5. Verified I own both the app and the store (same organization)
Questions:
1. Does the Client Credentials Grant flow require the app to be created via Shopify Partners instead of the in-admin “Develop apps” feature?
2. Is there a specific app type or configuration setting needed to enable Client Credentials Grant?
3. Should I be using a different credential than the “API secret key” shown in the credentials tab?
4. Are there any additional installation steps beyond clicking “Install app”?
The documentation suggests this should work for “apps developed by your own organization and installed in stores that you own,” which describes my situation exactly.
Any guidance would be greatly appreciated!