Merchants can now see more details about app activity and permissions

Dev Platform
1

We’re sharing an update on a new set of features rolling out to merchants. This is part of a broader investment to build a more transparent app ecosystem that helps merchants build greater trust with the apps they use while giving developers better ways to demonstrate value.

What’s live now

We’re giving merchants more visibility into how apps interact with their stores. Merchants can now go to Settings > Apps and select any installed app to see:

  • Admin API activity: Request volume by permission area over the last 30 days, so merchants can understand how actively an app is using its access.

  • Data privacy details: A clear breakdown of which scopes touch sensitive customer data versus other personal data.

  • Permission change history: A timeline showing when app permissions were granted or updated.

app-transparency-01
app-transparency-01770×770 70.9 KB

This information is based on your app’s declared scopes and actual Admin API usage. No action is required from you, this is surfaced automatically for all installed apps.

We’ve also introduced new privacy categories on the app install grant screen and in App Store listings for apps using Shopify Managed Install. Sensitive customer data is now clearly separated from other personal data, giving merchants a better understanding of what they’re granting access to. This uses your existing declared scopes.

Best practices reminder

As you know, best practice is to only request access to scopes that you need. With merchants now having more visibility into app permissions and activity, it’s a great time to review your app’s permission and privacy best practices:

  • Ensure your app only requests scopes it needs to function. If your app has permissions it only needs for certain features, consider using optional scopes and only asking merchants to grant access when needed.

  • Keep your privacy policy up to date and clearly explain how you handle merchant and customer data

  • Review your App Store listing to make sure it accurately reflects what your app does

What’s next

We’re currently working on bringing API activity data into your dashboard, so you’ll be able to see the information merchants see with additional detail, directly in your Dev Dashboard. Stay tuned for more on that.

This is the first step in a larger effort to build a healthier, more transparent app ecosystem, one that benefits both merchants and developers. Let us know if you have any questions.

Resources

9 Likes
2

Great improvements, always good to offer more transparency :+1:

I long had hoped that the Privacy section also gets updated to reflect the different levels of Protected Customer Data

CleanShot 2026-03-11 at 16.12.47@2x
CleanShot 2026-03-11 at 16.12.47@2x1778×1216 297 KB

Our app is authorized on level 1, checking order payloads confirms that we do not receive email addresses or other personal data, but the Privacy section still says that we have access to Name, Email:

CleanShot 2026-03-11 at 16.10.42@2x
CleanShot 2026-03-11 at 16.10.42@2x1460×642 45.9 KB

We routinely receive support requests from merchants asking why we need this information, but we do not even have access to it.

Thanks!

1 Like
3

Hi michael,

We are looking into this issue. Thanks for flagging.

1 Like