Issue with Customer ID Handling on Shop Site with New Customer Accounts

Hello,

We’ve identified an issue related to customer ID management on the shop site when using the new customer accounts system.

When attempting to retrieve the customer ID via meta.page.customerId (or even __st), the value may sometimes return as undefined, despite the user appearing to be authenticated on the account page.

This typically occurs when cookies—specifically the _shopify_essential cookie—have been cleared for the shop site. As a result, the user believes they are still logged in, but the shop site extensions cannot detect their authentication status because the customerId is unavailable.

This discrepancy can lead to confusion, as the user’s account page remains accessible while the rest of the site fails to recognize them as authenticated.

Please let us know if you need more details or a recommended workaround.

Thanks,

Hey @Raphael_Pare

This behaviour happens because the new customer accounts operate on a separate authentication layer from your shop site, creating two distinct authentication contexts. When the _shopify_essential cookie is cleared on the shop domain, the JavaScript-based detection methods like meta.page.customerId and __st lose their reference, even though the customer remains authenticated on the accounts domain.

For detecting this mismatch, you’ll probably want to implement a check that compares the authentication states between both domains. The approach depends on your specific implementation - are you building a theme extension, an app, or working with custom theme code? Just want to understand your use case here so I can help as best as possible.

The best approach, if you’re using Liquid though, would likely be to leverage the customer object to verify if they’re logged in or not: Liquid objects

There’s a bit more info on our new Customer Account API docs for more context on the authentication flow as well.

Hope this helps - let me know if I can clarify anything more on our end here, happy to help!

Thanks for the clarification, @Alan_G.

Let’s say I’m building a Liquid extension that needs to display customer information. If the cookies are cleared on the storefront, my extension won’t be able to access customer-related data (even with liquid objects) because the _shopify_essential cookie is missing. As a result, my extension prompts the user to log in.

However, when the user navigates to the account section to log in, they’ll see that they’re already logged in (since the customer account context is still active). The only workaround at the moment is for the user to manually log out and log back in, which resets the _shopify_essential cookie and allows the extension to detect the logged-in state and datas properly.

It would be expected that visiting the customer account domain would reset the _shopify_essential without having to log out then log in again so that there is no mismatch between the two authentification layers which are tightly related.

Hope this helps understand the problem!

No worries @Raphael_Pare - thanks for clarifying things! My understanding is that this is expected behaviour, but I’ll do some further digging on my end and loop back with you once I have more info/workarounds to share.

Speak with you soon!

1 Like