CodeShelf
CodeShelf
Intermediate10 min read

Shopify Customer Authentication with Node.js (Signup & Login API)

Learn how to implement customer authentication for Shopify using Node.js and the Storefront GraphQL API. This tutorial covers customer signup and login with secure access tokens using GraphQL and environment variables
Node JSShopify
C

Code Shelf

Published on February 24, 2026

177 views0 likes

1. Introduction

Shopify provides a Storefront API that allows developers to manage customer authentication programmatically. In this tutorial, we will build customer signup and login APIs using Node.js and Shopify GraphQL.

2. Prerequisites

Before starting, make sure you have:

  • A Shopify store
  • Storefront API access token
  • Node.js installed
  • Basic knowledge of JavaScript and Express
  • dotenv package installed


3. Setup Environment Variables

Create a .env file and add your Shopify credentials:

.env
env
1SHOPIFY_DOMAIN=your-store-name.myshopify.com
2SHOPIFY_STOREFRONT_TOKEN=your_storefront_api_token
3

4. Install Required Packages

Install GraphQL request and dotenv:

1npm install graphql-request dotenv

5. Initialize Shopify API Config

Create a config file to load environment variables and define the API URL:

config
javascript
1import { request, gql } from "graphql-request";
2import dotenv from "dotenv";
3dotenv.config();
4
5const SHOPIFY_DOMAIN = process.env.SHOPIFY_DOMAIN;
6const STOREFRONT_API_TOKEN = process.env.SHOPIFY_STOREFRONT_TOKEN;
7const API_URL = `https://${SHOPIFY_DOMAIN}/api/2025-01/graphql.json`;
8

6. Customer Signup API

Use the customerCreate mutation to register new users:

1export const signup = async (req, res) => {
2  const { email, password, firstName, lastName } = req.body;
3
4  const query = gql`
5    mutation customerCreate($input: CustomerCreateInput!) {
6      customerCreate(input: $input) {
7        customer {
8          id
9          email
10          firstName
11        }
12        customerUserErrors {
13          code
14          field
15          message
16        }
17      }
18    }
19  `;
20
21  try {
22    const data = await request(
23      API_URL,
24      query,
25      { input: { email, password, firstName, lastName } },
26      { "X-Shopify-Storefront-Access-Token": STOREFRONT_API_TOKEN }
27    );
28    res.json(data.customerCreate);
29  } catch (err) {
30    res.status(500).json({ error: err.message });
31  }
32};
33

7. Customer Login API

Use the customerAccessTokenCreate mutation to authenticate users:

1export const login = async (req, res) => {
2  const { email, password } = req.body;
3
4  const query = gql`
5    mutation customerAccessTokenCreate($input: CustomerAccessTokenCreateInput!) {
6      customerAccessTokenCreate(input: $input) {
7        customerAccessToken {
8          accessToken
9          expiresAt
10        }
11        customerUserErrors {
12          code
13          field
14          message
15        }
16      }
17    }
18  `;
19
20  try {
21    const data = await request(
22      API_URL,
23      query,
24      { input: { email, password } },
25      { "X-Shopify-Storefront-Access-Token": STOREFRONT_API_TOKEN }
26    );
27    res.json(data.customerAccessTokenCreate);
28  } catch (err) {
29    res.status(500).json({ error: err.message });
30  }
31};
32

8. Testing the API

Use Postman or Thunder Client:

Signup Endpoint

POST /api/signup

Login Endpoint

POST /api/login


9. Security Best Practices

  • Never expose Storefront tokens in frontend code
  • Store access tokens securely (cookies or database)
  • Use HTTPS in production
  • Implement token refresh logic

10. Conclusion

You have successfully implemented Shopify customer authentication using Node.js and GraphQL. This setup can be extended with JWT sessions, middleware authentication, and profile management APIs.

Comments (0)

Loading...

No comments yet. Be the first to comment!