Is merchant-consented "self-store diagnostics" an acceptable use of the Catalog API?

We’re building an app that shows merchants how their own store appears to AI agents: for each product, it checks Global Catalog presence, position in search results for a few representative queries, and Storefront MCP health.

Scans run only against the installing merchant’s own store, with explicit consent obtained at install.

Two clauses make us want to confirm this is OK before building further:

  • API Terms §2.3.14 prohibits “systematic or automated data collection” and building a “product index” — a scan issues one search request per product (~50 for 50 products).
  • The Catalog usage guidelines prohibit caching search results — we store only derived diagnostics (scores, hit/miss, position, missing-attribute names), never raw catalog data or images.

No cross-merchant benchmarking, no ML/AI training on catalog data.

Question (ideally for someone on the Shopify side): is this an acceptable use of the Catalog API? If there are conditions we should follow, we’ll build to them.

Related: the usage guidelines say to contact you “through Dev Dashboard” about rate limits, but we couldn’t find that path in the current UI — pointers welcome.

Thanks!

Hi @kitoko :waving_hand: thanks for reaching out.

That’s a great question and I’m going to dig into this deeper. I’ll follow up with you when I have more info to share.

Regarding the “To request a rate limit increase, use an authenticated API key and contact us through Dev Dashboard.” wording, I don’t see any way to reach out to support in the Dev Dashboard. The only way that I’m currently aware of to reach out to Support is through the partner dashboard using the top righthand menu and then authenticating through your partner org as a whole:


I’m digging into this wording on the docs as well :slight_smile: