Create Checkout through MCP Returning -32000 Error

Agentic Commerce
1

when sending requests to a store’s checkout MCP server, I get the following:

{
    "jsonrpc": "2.0",
    "id": 1,
    "error": {
        "code": -32000,
        "message": "AuthenticationFailed",
        "data": "Access disabled."
    }
}

I included header:

Authorization: Bearer ey...

using the token I got from https://api.shopify.com/auth/access_token (same token used for Catalog MCP, refreshed before 60-min expiry)

my request payload looks like this:

{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "create_checkout",
    "arguments": {
      "_meta": {
        "ucp": {
          "profile": "https://{my_site}/agent_profile.json"
        }
      },
      "store_url": "https://{merchant}.com",
      "checkout": {
        "buyer": {
          "email": "{me}@gmail.com",
          "first_name": "{me}",
          "last_name": "{me}",
          "full_name": "{me}",
          "phone_number": "+1XXX",
          "consent": {
            "analytics": true,
            "marketing": false,
            "preferences": true,
            "sale_of_data": false
          }
        },
        "currency": "USD",
        "line_items": [
          {
            "item": {
              "id": "gid://shopify/p/{id}"
            },
            "quantity": 1
          }
        ],
        "fulfillment": {
          "methods": [
            {
              "type": "shipping",
              "destinations": [
                {
                  "first_name": "{me}",
                  "last_name": "{me}",
                  "street_address": "{me}",
                  "address_locality": "{me}",
                  "address_region": "{me}",
                  "postal_code": "{me}",
                  "address_country": "{me}"
                }
              ]
            }
          ]
        }
      }
    }
  }
}
2

my ucp profile looks as follows:

{
    "ucp": {
      "version": "2026-01-11",
      "capabilities": [
        {
          "name": "dev.ucp.shopping.checkout",
          "version": "2026-01-11",
          "spec": "https://ucp.dev/specs/shopping/checkout",
          "schema": "https://ucp.dev/schemas/shopping/checkout.json"
        },
        {
          "name": "dev.ucp.shopping.fulfillment",
          "version": "2026-01-11",
          "spec": "https://ucp.dev/specs/shopping/fulfillment",
          "schema": "https://ucp.dev/schemas/shopping/fulfillment.json",
          "extends": "dev.ucp.shopping.checkout"
        }
      ]
    },
    "payment": {
      "handlers": [
        {
          "id": "gpay",
          "name": "com.google.pay",
          "version": "2024-12-03",
          "spec": "https://ucp.dev/handlers/google_pay",
          "config_schema": "https://ucp.dev/handlers/google_pay/config.json",
          "instrument_schemas": ["https://ucp.dev/handlers/google_pay/card_payment_instrument.json"]
        }
      ]
    }
  }
3

Hey @chami, did you manage to solve this? I’m facing the exact same issue with the -32000 AuthenticationFailed error even with a valid token. Any insights would be appreciated!

4

unfortunately not :frowning: please assist @Liam-Shopify

5

Hey folks - what kind of stores are you testing this on, ie: are these stores on paid plans, dev stores created from the dev dash?

6

hey Liam. i was testing on a third-party store that was on a paid plan, i checked their ucp profile and confirmed that they had enabled the checkout capability

7

Hi @chami and @devYahia

I can confirm this is a gap in our current documentation - the dev dash UI correctly shows that the Checkout MCP is “coming soon”, so it’s not available yet:

10-39-xts4a-tle7f
10-39-xts4a-tle7f587×483 41 KB

We’ll update the main docs on .dev to reflect this.

8

hey Liam. i’m using it to build a personal shopping agent interfaced over WhatsApp