Create an access token 

POST https://{handle}.myshopline.com/admin/openapi/v20260301/storefront_access_tokens.json
handle : The store's unique identifier, which is the prefix of the store's domain name. For example, if a store's domain name is open001.myshopline.com , the store handle is open001 .
Create an access token to grant authorization for using Storefront APIs.
Request Headers
  • Content-Type string required
    The field must be set to the fixed value application/json; charset=utf-8.
  • Authorization string required
    The access token for the API resource. Refer to App authorization to obtain the access token, and then pass the obtained token in the Bearer format.
    Example:
    Bearer eyJhbGciOiJIUzUxMiJ9.eyJhcHBLZXkiOiJmMjM3OWQyMTYyOGMzM2QxMWRiMWZkYjY5N2EzZjdjMjZlNGMwYTA5Iiwic2VsbGVySWQiOiIyMDAwMjM0ODgwIiwic3RvcmVJZCI6IjE2NzIzNjk3Mjk2MDYiLCJ2ZXJzaW9uIjoiVjIiLCJkb21haW4iOiJodHRwczovL3NsLW9wZW4tc2cubXlzaG9wbGluZS5jb20iLCJ0aW1lc3RhbXAiOjE2NzUzMTk0OTI0MzksImlzcyI6Inlzb3VsIiwiZXhwIjoxNzY5OTI3NDkyfQ.UwQzomM2veGCUaOZ0paUxq5dpc7DXuhHYFvsQ_uIAKduzWcb_j2E4q_36El83sp145D4cKbpcE5KCeeIz-JNQw
Request Body
  • storefront_access_tokenobject
    The access token information.
  • title string
    The title of the access token. Used to mark the scenario of the access token.
    Example: For SHOPLINE Themes
Status Codes
For the complete list of codes and messages, see Http status code.
Response Headers
  • traceId
    A globally unique identifier for the request. It is used to track the request flow throughout the system, allowing for easy location and debugging when issues arise.
Response Body
  • storefront_access_tokenobject
    The access token information.
  • access_scope string
    Access scopes, defining which APIs the returned access token is allowed to call. Multiple access scopes are separated by ,.
    Example: unauthenticated_write_message, unauthenticated_read_message
  • access_token string
    Access token. This access token must be included in requests when calling Storefront APIs. The system will validate interface request permissions through this access token.
  • created_at string
    The date and time when the access token was created. Format: ISO 8601.
  • id long
    The unique identifier for the access token.
  • title string
    The title of the access token.
API Explorer
https://openapiceshidianpu.myshopline.com/admin/openapi/v20260301

ParamOptions

header required

Body

required
{
  "storefront_access_token": {
    "title": "For SHOPLINE Themes"
  }
}

Language

curl --request POST \
     --url https://openapiceshidianpu.myshopline.com/admin/openapi/v20260301/storefront_access_tokens.json \
     --header 'Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJhcHBLZXkiOiJmMjM3OWQyMTYyOGMzM2QxMWRiMWZkYjY5N2EzZjdjMjZlNGMwYTA5Iiwic2VsbGVySWQiOiIyMDAwMjM0ODgwIiwic3RvcmVJZCI6IjE2NzIzNjk3Mjk2MDYiLCJ2ZXJzaW9uIjoiVjIiLCJkb21haW4iOiJodHRwczovL3NsLW9wZW4tc2cubXlzaG9wbGluZS5jb20iLCJ0aW1lc3RhbXAiOjE2NzUzMTk0OTI0MzksImlzcyI6Inlzb3VsIiwiZXhwIjoxNzY5OTI3NDkyfQ.UwQzomM2veGCUaOZ0paUxq5dpc7DXuhHYFvsQ_uIAKduzWcb_j2E4q_36El83sp145D4cKbpcE5KCeeIz-JNQw' \
     --header 'Content-Type: application/json; charset=utf-8' \
     --header 'accept: application/json'
Examples
Create an access token for calling Storefront APIs
Request
{
  "storefront_access_token": {
    "title": "For SHOPLINE Themes"
  }
}
Response
{
  "storefront_access_token": {
    "access_scope": "unauthenticated_write_checkouts_info,unauthenticated_read_checkouts_info",
    "access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ5c291bCIsInRva2VuIjoiZjIzNzlkMjE2MjhjMzNkMTFkYjFmZGI2OTdhM2Y3YzI2ZTRjMGEwOXw2Nzk1MXwxNjcyMzY5NzI5NjA2fDE3NTA5MjEzOTd8MjA2MjIyNjUyMHwifQ.rzFzxg13kFriO3i6HO3n8MbEOIhtILONnE5tULj18pvxp6XSdf38I2vMkDfrEqJS-CdyvSdHcVxIy4TxxyLtMA",
    "created_at": "2025-06-26T15:03:17+08:00",
    "id": 2062226520,
    "title": "For SHOPLINE Themes"
  }
}
Was this article helpful to you?
SHOPLINE
SHOPLINE
SHOPLINE Enterprise
Legal
Privacy
Terms
Developer Agreement
LinkedInEmail
LinkedInEmail
© Copyright 2013-2025 SHOPLINE Limited.