LLMversus

Shopify MCP Claude Code: Setup and Config Guide 2026

Updated: April 16, 2026

Shopify MCP in Claude Code

Quick answer: Install the Shopify MCP server with npx -y @shopify/mcp-server, add the JSON block below to ~/.claude/settings.json, restart Claude Code, and run /mcp to confirm the connection. Setup runs about 5 minutes on a fresh machine, verified on @shopify/mcp-server as of April 15, 2026.

The Shopify MCP server gives Claude Code a tool surface on the Shopify Admin API. After setup, the model can list products, read orders, update inventory, create customers, and inspect store settings. The server is published as @shopify/mcp-server and uses an Admin API access token plus the shop domain.

This guide covers what you get after the wiring is done, the exact config, verification steps, prompt patterns that tend to work well, and the 4 issues that trip people up most often in the first week.

What you get when it is connected

Once the Shopify server is attached, Claude Code can call the server tools from inside any conversation. You do not invoke the tools by hand. When you ask Claude a question the model decides which tool to call and parses the response for you. For teams that live inside Shopify day to day, this replaces dozens of context switches per week with a single line in chat.

Tools exposed include list_products, get_product, list_orders, get_order, update_inventory, create_customer, list_collections, search_customers. The REST and GraphQL admin APIs are both wrapped, and the server picks whichever is cheaper per query. For bulk operations, Shopify has a dedicated bulk mutations endpoint that the MCP server does not yet expose - use the admin UI or a standalone script for those.

Prerequisites

A Shopify store and a custom app installed with Admin API scopes for products, orders, and customers. The Admin API access token from the custom app page. Node 20 or later.

If you use a version manager like nvm or asdf for Node, confirm the version Claude Code inherits. Open a terminal, run node -v, and note the output. Claude Code uses the Node it sees on PATH at launch, so a shell profile that sets the right version is the reliable path.

Install via npx

Run the package once with npx to verify it starts cleanly:

npx -y @shopify/mcp-server

The first run downloads the package (a few MB) and starts the server on stdio. The server does not print much on success - it waits for MCP protocol messages on stdin. Press Ctrl-C to stop it. The actual runtime setup happens through Claude Code itself in the next step.

If the install fails with a network error, your npm registry may be blocked. Set npm config set registry https://registry.npmjs.org and retry. Behind a corporate proxy, also set HTTP_PROXY and HTTPS_PROXY in your shell.

Add the config block to ~/.claude/settings.json

Open ~/.claude/settings.json in your editor. If the file does not exist yet, create it with {} as the starting content. Add an mcpServers object with an entry for this server:

{
  "mcpServers": {
    "shopify": {
      "command": "npx",
      "args": ["-y", "@shopify/mcp-server"],
      "env": {
        "SHOPIFY_ACCESS_TOKEN": "shpat_XXX",
        "SHOPIFY_SHOP_DOMAIN": "yourshop.myshopify.com"
      }
    }
  }
}

Save the file. If you already have other MCP servers defined, merge the new entry into the existing mcpServers object rather than replacing it.

Restart Claude Code fully (quit and reopen, not just close the window). The server is spawned lazily on the first tool call in a session, not at launch, but the config is read once per Claude Code start.

Verify the connection

Open a new Claude Code session and type /mcp at the prompt. You should see the server listed with a green or connected indicator. If it shows as failed, click into it for the stderr output - the error message usually points at the problem directly (bad token, wrong path, missing Node).

Run a trivial first prompt to confirm round trips work. Good smoke tests:

  • For read servers: ask for a list of whatever resource type it exposes.
  • For write servers: ask for a describe on a known resource first, then try a safe write on a test resource.

If the first prompt works, the wiring is done. From here on you interact with the server purely through normal prompts in Claude Code.

Example prompts that work well

Here are prompts that tend to get good responses once the server is attached:

  • List every product in the Summer 2026 collection and tell me the current inventory count for each variant.
  • Show the last 20 orders placed in the store and the fulfillment status for each.
  • Update the inventory quantity of variant 12345 at location main warehouse to 150.
  • Create a draft order for customer bob@example.com with two units of the Medium T-Shirt variant.
  • Find any orders in the last 30 days that are flagged as high risk by Shopify fraud analysis.
  • Tell me the top 5 best-selling products by quantity over the last 90 days.

Claude will chain tool calls on its own when the prompt implies several steps. For a summarize-then-write flow the model will often call read tools first, then a single write tool at the end. If a prompt keeps burning tool calls, narrow it: specify the resource ID, the time range, or the exact field you want rather than asking Claude to scan everything.

Environment variable security

Two env vars: SHOPIFY_ACCESS_TOKEN for the admin token, SHOPIFY_SHOP_DOMAIN for the store hostname. The token grants everything the custom app was scoped for, so keep it limited to what you actually need. Rotate the token by uninstalling and reinstalling the custom app if it leaks.

A general rule across every MCP server: never paste secrets directly into settings.json that lives in a shared or git-tracked directory. Keep the actual secret values in your shell profile (~/.zshrc, ~/.bashrc, or a 1Password-cli helper), export them at shell start, and reference the variable names from the Claude config. That way the secret stays on your machine and the config file is safe to share with teammates.

On macOS, terminals launched from Spotlight or from the Dock both inherit the shell profile. If you launch Claude Code from a GUI shortcut that does not go through a shell, env vars may not propagate - launch from a terminal instead.

Troubleshooting

Tool calls return 401. The access token is wrong or the app was uninstalled. Recreate the custom app in Shopify admin, install it to the store, and copy the new token into the env var.

Tool calls return access denied for resource. The custom app lacks the scope. Edit the app config in Shopify admin, add the missing scope (e.g., write_inventory), reinstall, and use the new token.

Orders search returns only 250 results. Shopify admin API paginates at 250 per page. Ask Claude to use the page_info cursor to walk through the rest rather than requesting a bigger page.

GraphQL calls get throttled. Shopify allocates a query cost budget. Complex queries burn more cost points. Simplify the fields requested, or ask Claude to wait and retry when the budget refills.

For any issue not listed here, the first step is /mcp inside Claude Code to see the current status and any recent stderr from the server. The second step is running the exact npx command from your terminal to see if the server starts cleanly outside Claude Code. Between those two checks, most problems become obvious within a minute.

Next steps

Once the Shopify server is attached and verified, the useful next move is writing a short prompt template you keep in your notes. List the 3 or 4 prompts you run most often against this server, and paste them into Claude Code when needed. Over a few weeks you build a personal command library that gets real work done without typing much.

For team projects, commit a .mcp.json at the repo root with the same structure. Everyone on the team gets the server wired up automatically on first open, and individual secrets stay in shell profiles. That is the setup pattern that scales past a single developer.

Frequently asked questions

Do I need a paid Shopify account to use this MCP server?

No. The server works with any Shopify plan that issues API credentials or allows client connections. Most free tiers are fine for day-to-day Claude Code use. Rate limits differ by plan though, so if you hit throttling during bulk operations consider upgrading or batching calls.

How do I update the Shopify MCP server to the latest version?

If your config uses `npx -y @shopify/mcp-server`, npx fetches the latest published version on each fresh install. Clear the npx cache with `npx clear-npx-cache` and restart Claude Code to force a pull. For pinned versions, change the package reference to `@shopify/mcp-server@version` in the args array.

Can I use this server with Cursor or other MCP clients?

Yes. The MCP spec is the same across clients. Drop the same config block into `~/.cursor/mcp.json` for Cursor, or the equivalent config file for any other MCP-compatible client. The server itself does not know or care which client connects.

What happens if the server crashes mid-session?

Claude Code detects the dropped connection and marks the server as disconnected. Run `/mcp reconnect shopify` to restart it without losing your conversation. If the crash repeats, check the server stderr through `/mcp` and look for the root cause (usually auth expiry or a malformed input).

Is it safe to run writes through Claude Code?

Claude asks for confirmation before destructive operations in most clients. Still, the server itself runs with whatever credentials you gave it. For production Shopify accounts, use read-only credentials when possible and switch to write credentials only when you have a specific task in mind. Treat the same way you would a shell with root.

How do I see exactly which tool calls Claude is making?

Claude Code exposes a tool call trace in its UI for every response that used tools. Click the tool icon to expand the tool name, the arguments passed, and the response. For audit trails, run Claude Code in verbose mode or pipe its output to a log file; the MCP server itself logs calls to stderr, visible through `/mcp`.