Shopify custom apps let your workflows authenticate to a store with an Admin API access token (shpat_...) — a permanent, store-bound credential that belongs to the app, not to any employee's login. You choose exactly which Admin API scopes the app gets, and the token never expires.
This is the recommended way to use Shopify in production workflows: no OAuth consent to go stale, scopes are explicit and auditable, and access is revoked by uninstalling the app — without touching anyone's account.
Prerequisites
You need store owner or staff permissions that allow managing apps on the store. You'll also need your store's permanent domain (your-store.myshopify.com) — Sim asks for it alongside the token.
Shopify no longer allows creating new custom apps from the store admin — that path is legacy. New custom apps are created from the Dev Dashboard (dev.shopify.com) or the Shopify CLI. If you already have an admin-created custom app, its shpat_ token still works and can be pasted into Sim directly.
Setting Up the Custom App
1. Create the App and Grant Scopes
Open the Dev Dashboard, create a new app (e.g. sim-workflows), and connect it to your store
Configure the app's Admin API access scopes. The set Sim's Shopify tools use is:
write_products
write_orders
write_customers
write_inventory
read_locations
write_merchant_managed_fulfillment_ordersIn Shopify, write_X includes read_X, so these six cover product, collection, order, fulfillment, customer, inventory, and location operations. Grant fewer if your workflows only read — e.g. read_products alone is enough for product and collection lookups
Install the app on your store, then obtain the shpat_ token as described in the next section — the flow differs by app type
2. Get the Admin API Access Token
How you obtain the shpat_ token depends on how the app was created:
- Legacy admin-created custom apps (created from the store admin before Shopify removed that path) show the Admin API access token — it starts with
shpat_— once on the app's API credentials page. Reveal it, copy it immediately, and paste it into Sim. For legacy admin-created custom apps, Shopify shows the token only once, at creation — if you lose it, you have to reinstall or recreate the app to get a new one. - New Dev Dashboard apps do not display a permanent
shpat_token in any UI. Complete an OAuth (authorization code grant) install with the app's client ID and secret to obtain an offlineshpat_access token programmatically. The Dev Dashboard's client-credentials tokens are different — they expire after 24 hours and cannot be stored in Sim.
Don't confuse the token types: shpat_ is the Admin API access token Sim needs. shpss_ is the app's client secret and shpca_ is a custom app access token from older Partner-created custom apps — neither will work. If your Dev Dashboard app only shows a client ID and secret, that is expected: Dev Dashboard apps issue tokens via OAuth, not a UI reveal (see the setup steps above).
3. Find Your Store Domain
Use the permanent .myshopify.com domain — for example, your-store.myshopify.com — not your custom storefront domain. You can find it in your Shopify admin URL or under Settings → Domains.
Adding the Service Account to Sim
Open your workspace Settings and go to the Integrations tab
Search for "Shopify Service Account" and click it, then click Add to Sim and choose Add admin API token
Paste the Admin API access token, enter the store domain (e.g. your-store.myshopify.com), and optionally set a display name and description
Click Add admin API token. Sim verifies the token by querying your store's shop endpoint — if it fails, you'll see a specific error explaining what went wrong.
The token and store domain are encrypted before being stored.
Using the Service Account in Workflows
Add a Shopify block to your workflow. In the credential dropdown, your Shopify service account appears alongside any OAuth credentials. Select it and configure the block as you normally would — the store domain stored with the credential is used automatically.
The block calls your store's Admin API (your-store.myshopify.com/admin/api/...) using the token, with exactly the scopes you granted the app.