Authentication
ShopQuery API requests are authenticated with an app token.
An app belongs to a merchant account and can read that merchant's catalog. Treat the token like a password: it grants access to merchant product data and is only shown once when it is created.
Create an account
Sign up for ShopQuery and complete merchant setup. You need an active merchant workspace before you can create an app token.
If you are building for a merchant, ask them to invite you to their ShopQuery account or create the app on your behalf.
Create an app
In the merchant dashboard:
- Open Settings.
- Go to Apps.
- Click Create App.
- Enter a clear name, such as
Website storefrontorInventory agent. - Click Create.
ShopQuery creates a merchant-wide app token. It is not tied to a single store location, so it can read catalog data across the merchant account.
Save the token
The token is shown once after the app is created. Copy it immediately and store it in a secure place, such as your deployment platform's encrypted environment variables or a secret manager.
Do not commit tokens to source control, place them in browser code, or share them in support chats. If a token is exposed, delete the app and create a new one.
Send authenticated requests
Pass the token in the Authorization header using the bearer scheme.
Authorization: Bearer <app_token>
Accept: application/json
const response = await fetch("https://api.shopquery.ai/v1/products", {
headers: {
Authorization: `Bearer ${process.env.SHOPQUERY_TOKEN}`,
Accept: "application/json",
},
});
const products = await response.json();
import axios from "axios";
const { data: products } = await axios.get(
"https://api.shopquery.ai/v1/products",
{
headers: {
Authorization: `Bearer ${process.env.SHOPQUERY_TOKEN}`,
Accept: "application/json",
},
},
);
curl "https://api.shopquery.ai/v1/products" \
-H "Authorization: Bearer $SHOPQUERY_TOKEN" \
-H "Accept: application/json"
Rotate access
If an app is no longer needed, delete it from Settings -> Apps. Create a new app when you need a fresh token for another integration, environment, or developer.