I am using the Shopify App Express package to build my first Shopify app. I’ve managed to successfully embed my app into my development Shopify store but I’m not sure which type of access token I should be using.
I am currently using an offline access token but I would like some more info on specific use cases in which it would make sense to use an online access token.
The documentation says they are useful whenever you want to differentiate specific users from each other on a store and when you want to use your app “through the web”.
What does using your app “through the web” refer to?
1 Like
Hey @Patrick_Pierre! Congrats on building your first app.
Online access tokens are specifically designed for when you’re dealing with staff-specific interactions in your app. They’re tied to individual staff on the store and respect their specific permission levels, which makes them perfect when you need to differentiate between users on a store.
When the docs mention using your app “through the web,” they’re referring to situations where merchants are actively interacting with your app through their browser, like adjusting settings in your app UI or performing actions that should be associated with their specific account. The key advantage is that online tokens respect user permissions, so a staff member with limited access will only be able to use features they’re authorized for.
In contrast, offline tokens are better for background processes that don’t involve direct user interaction, like responding to webhooks or scheduled tasks.