How to Get a Shopify Admin API Access Token in 2026
Shopify changed how custom app tokens work. The old “reveal token” method is gone. This guide shows you how to get your Admin API access token now — either manually or using Datora’s free tool.
What changed?
Shopify moved custom app creation from the store admin to the Developer Dashboard. The simple “Reveal token once” button no longer exists for new apps. Instead, tokens are issued exclusively through the OAuth 2.0 authorization code flow.
This frustrates non-developers, agency clients, and anyone who just needs a quick token to integrate a third-party tool. Building a full OAuth server to get a single access token is overkill — but that’s what Shopify now requires.
Note: If you created a custom app before the change, your existing access tokens still work. This guide is for apps created on the new Dev Dashboard.
The manual way (for developers)
If you’re comfortable writing code, you can build your own OAuth 2.0 Authorization Code flow. Here’s what that involves:
- Create a new app on dev.shopify.com
- Set up a web server that can handle HTTPS callbacks
- Construct the authorization URL with your Client ID, scopes, and redirect URI
- Redirect the merchant to Shopify’s consent screen
- Handle the callback, extract the authorization code, and exchange it for an access token via a POST request
- Store the token securely
For the full technical details, see Shopify’s OAuth documentation.
This is the right approach if you’re building a production app. For a one-off token, it’s a lot of work.
Use Datora’s token generator (for everyone)
Skip the server setup. Datora handles the OAuth handshake for you — just follow these steps:
Create an app on dev.shopify.com
Go to dev.shopify.com, sign in with your Shopify Partner or store owner account, and create a new app.
Add the redirect URL
In your app’s configuration, add the following as an Allowed redirection URL:
https://token.datora.de/api/shopify/callbackSet up distribution
Go to Distribution in your app settings. Choose “Custom distribution” and select the store you want to install the app on.
Install the app on your store
After setting up distribution, install the app on your Shopify store. This is required before you can generate a token.
Copy your Client ID & Secret
Go to your app’s Settings page on the Dev Dashboard. Copy the Client ID and Client Secret — you’ll need both.
Generate your token on Datora
Go to token.datora.de, paste your Client ID and Client Secret, enter your store URL, and select the API scopes you need. Click Generate.
Approve and copy your token
You’ll be redirected to Shopify’s consent screen. Approve the permissions, and your access token will be displayed. Copy it immediately — it’s shown only once.
That’s it! Your token is ready to use with the Shopify Admin API. Store it securely — Datora does not keep a copy.
Frequently Asked Questions
How do I get a Shopify Admin API access token in 2026?+
Shopify removed the old method of generating tokens directly in the admin panel. Custom apps created via the Dev Dashboard now require a full OAuth 2.0 authorization flow. You can either build your own OAuth server, or use a tool like Datora’s token generator to handle the handshake for you — just paste your Client ID and Secret, pick your scopes, and approve on Shopify.
Why can’t I find my access token in the Shopify admin anymore?+
Shopify moved custom app creation to the Dev Dashboard (dev.shopify.com) and removed the simple “Reveal token once” button for new apps. Tokens are now only issued through OAuth. If you created your app before the change, existing tokens still work — but new apps require the OAuth flow.
Is it safe to use an online Shopify token generator?+
It depends on the tool. Datora’s generator never stores your access token or client secret. Your token is shown once after the OAuth flow completes, and client secrets are discarded immediately. The OAuth session expires after 10 minutes. We recommend always reviewing the permissions (scopes) before approving.
What is the difference between a Shopify access token and an API key?+
The API key (Client ID) identifies your app. The access token authorizes your app to make API calls on behalf of a specific store. You need both — the Client ID to start the OAuth flow, and the resulting access token to actually call the Shopify Admin API.
Do I need coding skills to generate a Shopify access token?+
Not with Datora’s tool. Normally, getting a token requires setting up a server to handle OAuth callbacks. Our tool handles that for you — you just paste credentials, pick scopes, approve on Shopify, and copy your token. No coding required.
Ready to generate your token?
Skip the OAuth complexity. Get your Shopify Admin API access token in under a minute.