Surface preview store auth scopes in store info --json#7949
Merged
Conversation
Contributor
Author
This stack of pull requests is managed by Graphite. Learn more about stacking. |
This was referenced Jun 28, 2026
7554acb to
7e206fe
Compare
307d191 to
c608d3d
Compare
Add an authScopes key to the store info result and populate it from the cached preview-store session scopes. Preview stores aren't a logged-in experience, so the scopes granted at creation time are the only ones available; surfacing them helps humans and agents understand what Admin API operations they can run. The key is always present for preview stores (even when empty). Assisted-By: devx/f38d0794-3b14-4a2a-a849-b95ae665f83d
c608d3d to
518dabd
Compare
dmerand
approved these changes
Jun 29, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

WHY are these changes introduced?
Preview stores cache the Admin API scopes granted at creation time (see #7948). Since preview stores aren't a logged-in experience, those scopes are fixed and there's no way to grant more later. Consumers — especially agents driving the CLI — need a reliable way to discover which scopes are preapproved without attempting an auth flow that can't work.
Second PR in the stack:
store info --json.store authearly for preview stores #7950 — Exitstore authearly for preview stores, listing the preapproved scopes.WHAT is this pull request doing?
types.ts: add an optionalauthScopes?: string[]field toStoreInfoResult, documenting that it carries the preapproved Admin API scopes (currently only for preview stores).info/index.ts:buildPreviewStoreResultnow always emitsauthScopesfrom the cached preview session scopes — even when empty — so--jsonconsumers can reliably rely on the key being present.No changeset — preview stores aren't released yet.
How to test your changes?
shopify store info --store <preview-store> --json.authScopesarray with the preapproved scopes.Unit tests cover: surfacing cached scopes for a locally stored preview store, emitting the key when empty, and including
authScopesin the JSON output.Checklist