How to get Admin API tokens using apps in Dev Dashboard

TerenceShopify · February 10, 2026, 10:15pm

We’ve seen a lot of questions since January 1st about how to get Admin API access tokens now that custom apps in the admin were deprecated. The key change: tokens don’t appear in the UI anymore. Instead, you’ll see a Client ID and Client Secret—you exchange these for an access token using the client credentials grant. This happens programmatically. We know this has been confusing, and we’ve been working on improving our docs to make the new process clear.

Start here:

What changed

Before: Custom apps showed an shpat_******* access token in admin that you could copy and paste into a script or a 3rd party integration.
After: Apps created in the Dev Dashboard show a client ID and client secret. You exchange these for an access token by making an API request.
Why: We are phasing out non-expiring tokens in favor of short-lived tokens to better improve the safety of data in stores. Permanent tokens can easily be leaked and then provide access to sensitive data.

How to get access tokens

Tokens no longer appear in the admin and don’t appear in the Dev Dashboard either.
Use the guide to exchange your client ID and secret for an access token:
Get API access tokens for Dev Dashboard apps

The guide includes working code that:

Requests tokens programmatically
Refreshes them before they expire (every 24 hours)
Works for backend scripts, automation, and API integrations

Common issues

What to use for App URL

You can use https://shopify.dev/apps/default-app-home as your app’s URL.

Your auth request receives `Error: shop_not_permitted: Client credentials cannot be performed on this shop`

This usually means your app and the store are in different organizations (for example, you’re a partner building for a client store).
Solutions:

Create an app using the CLI and use the standard app template which automatically implements auth.
If you can’t user our templates then use Token Exchange or the Authorization Code Grant, not Client Credentials. These OAuth grants work across organizations and issues long‑lived offline tokens.

A 3rd party integration is asking you to “copy a token”

Copying an access token and pasting it into a 3rd party system will no longer work.
Contact the 3rd party system to request they update their Shopify integration to work with OAuth.

Topic		Replies	Views
New Shopify Dev Dashboard and Admin Access Token Authentication & Access oauth , access-scopes	3	318	December 22, 2025
Custom App Credentials Dev Platform	10	684	January 13, 2026
Dev Dashboard "Start from Dev Dashboard" Admin API Access Token Dev Platform dev-dashboard	2	149	December 22, 2025
Token not working Authentication & Access access-scopes	9	257	January 9, 2026
Custom app access token with Oauth flow Shopify App Store partner-dash	6	173	February 2, 2026