We’d love to leverage shopifyqlQuery in our app to generate rich sales reports with detailed product breakdowns (for example, sales by product, product type, or collection). However, our use case does not require any Level 2 protected customer data (names, emails, phone numbers, addresses, etc.).
Right now, the shopifyqlQuery endpoint requires read_reportsplus Level 2 customer data access scopes, even if the queries we plan to run never reference customer‑identifying fields. This puts us in a position where we have to request access to sensitive data we don’t need, just to use ShopifyQL for product and sales analytics.
Feature request:
Introduce more granular permissions for shopifyqlQuery, so that:
Apps that only need aggregated or non‑identifying metrics (e.g. product‑level sales, time series over FROM sales or FROM products) can use ShopifyQL without requesting Level 2 protected customer scopes.
If an app doesn’t have access to protected customer fields, the ShopifyQL API would simply:
Omit those sensitive dimensions/metrics from available schema, or
Return null or errors only when queries explicitly reference those protected fields.
This would let apps safely adopt ShopifyQL for analytics use cases that don’t involve customer identities, while keeping stricter protections in place for apps that do need direct customer data.
Hey @Anthony_SL - hope all’s well! Thanks for the detailed write-up here. I definitely get where you’re coming from on this, especially for something like Biscuits Bundles where you’d want to surface product-level sales breakdowns (like which bundles are performing, sales by product type or collection) without needing to touch any customer-identifying data.
Just out of curiosity, I’m guessing the main goal here is powering merchant-facing analytics within the app itself, but is there more to it or is it also for your own internal reporting/insights? Just want to make sure I’m capturing the full picture when I pass this along.
Either way, I’m happy to log this as a feature request on our end here. Can’t guarantee anything in terms of if/when changes would be made, but I want to make sure your feedback is documented. Hope to hear from you soon!
You’re exactly right - our goal is to power merchant-facing analytics and suggestions inside our app. Using shopifyqlQuery would let us lean on Shopify’s analytics instead of storing (or querying) and aggregating large volumes of orders ourselves.
Right now we have Level 1 protected customer data and view_all_orders. So we can query orders without protected fields (which we don’t need), and it works great.
