Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ NUXT_SHOPIFY_CLIENTS_STOREFRONT_PRIVATE_ACCESS_TOKEN="YOUR_PRIVATE_ACCESS_TOKEN"
# Customer Account API
NUXT_SHOPIFY_CLIENTS_CUSTOMER_ACCOUNT_API_VERSION="2026-01"
NUXT_SHOPIFY_CLIENTS_CUSTOMER_ACCOUNT_CLIENT_ID="YOUR_APP_CLIENT_ID"
NUXT_SHOPIFY_CLIENTS_CUSTOMER_ACCOUNT_CLIENT_SECRET="YOUR_APP_CLIENT_SECRET"
NUXT_SHOPIFY_CLIENTS_CUSTOMER_ACCOUNT_SESSION_PASSWORD="A_RANDOM_32_CHARACTER_OR_LONGER_SECRET"

# Admin API
NUXT_SHOPIFY_CLIENTS_ADMIN_API_VERSION="2026-01"
Expand Down
2 changes: 0 additions & 2 deletions .git-blame-ignore-revs

This file was deleted.

1 change: 0 additions & 1 deletion build.config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,5 @@ export default defineBuildConfig({

externals: [
'@shopify/hydrogen',
'nuxt-auth-utils',
],
})
31 changes: 0 additions & 31 deletions bun.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion docs/content/1.getting-started/4.usage.md
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,7 @@ export default defineNuxtConfig({
```

::note
Confidential client usage with the `clientSecret` is currently not supported for the Customer Account API.
Both public clients and confidential clients (by also providing a `clientSecret`) are supported for the Customer Account API.
See the [Customer Account API guide](/essentials/customer-account) for more details on how to configure and use the Customer Account API client.
::

Expand Down
28 changes: 28 additions & 0 deletions docs/content/2.essentials/2.configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -230,6 +230,10 @@ Configure one or more API clients:
Client ID for customer account API requests
:::

:::field{name="clientSecret" type="string"}
Client secret for confidential clients. When set, the OAuth token exchange is authenticated with the secret instead of PKCE - server-side only, optional
:::

:::field{name="scope" type="array"}
OAuth scopes to request during authentication - default: `['openid', 'email', 'customer-account-api:full']`
:::
Expand All @@ -242,10 +246,34 @@ Configure one or more API clients:
Logout URL for customer account API authentication - default: `/_auth/customer-account/logout`
:::

:::field{name="sessionURL" type="string"}
Endpoint that exposes the current session to the client - default: `/_auth/customer-account/session`
:::

:::field{name="redirectURL" type="string"}
Redirect URL to navigate to after successful customer account API authentication - default: `/`
:::

:::field{name="logoutRedirectURL" type="string"}
Redirect URL to navigate to after logout. Must be a registered logout URI in your Shopify app - optional
:::

:::field{name="session.password" type="string"}
Password used to encrypt the session cookie (at least 32 characters). Auto-generated in development, required in production - server-side only
:::

:::field{name="session.name" type="string"}
Name of the session cookie - default: `shopify-customer-account`
:::

:::field{name="session.maxAge" type="number"}
Lifetime of the session cookie in seconds - default: `604800` (7 days)
:::

:::field{name="tokenStorage" type="string | object | boolean"}
[unstorage](https://unstorage.unjs.io) mount or driver configuration for the server-side token store. Use a persistent driver (e.g. Redis) in production - default: in-memory
:::

:::field{name="dev.tunnelURL" type="string"}
Tunnel URL for local development with ngrok or similar - optional
:::
Expand Down
Loading