Skip to content

Comments

feat: add client credentials grant support#335

Closed
aurel282 wants to merge 1 commit intobold-commerce:masterfrom
aurel282:feature/client-credentials-grant
Closed

feat: add client credentials grant support#335
aurel282 wants to merge 1 commit intobold-commerce:masterfrom
aurel282:feature/client-credentials-grant

Conversation

@aurel282
Copy link

@aurel282 aurel282 commented Dec 30, 2025

Summary

This PR adds support for the OAuth 2.0 client credentials grant flow for server-to-server authentication with Shopify.

Features

  • GetClientCredentialsToken() - Fetches a single access token using client credentials
  • TokenManager - Manages automatic token caching and refresh for long-running services
    • Thread-safe concurrent access
    • Configurable refresh buffer (default: 1 hour before expiry)
    • ForceRefresh() for manual token refresh
    • GetTokenInfo() for monitoring token state
    • ClearToken() to invalidate cached token

Use Case

The client credentials grant is designed for server-to-server authentication where user interaction is not possible, such as:

  • Background jobs
  • Cron tasks
  • Microservices
  • Long-running processes

Note: The app must already be installed in the shop to use this flow.

Token Lifecycle

Shopify client credentials tokens expire after 24 hours. The TokenManager automatically handles refresh before expiry, making it suitable for services that need continuous API access.

Documentation

Testing

All new functionality includes comprehensive unit tests covering:

  • Basic token fetching
  • Token caching behavior
  • Concurrent access safety
  • Token expiry and refresh
  • Context cancellation
  • Error handling

@aurel282
feat: add client credentials grant support
115c9e0 
Implements OAuth 2.0 client credentials grant flow for server-to-server
authentication with Shopify.

Features:
- GetClientCredentialsToken() for single token fetch
- TokenManager for automatic token caching and refresh
- Thread-safe concurrent access support
- Configurable refresh buffer (default 1 hour before expiry)

Shopify client credentials tokens expire after 24 hours. The TokenManager
handles automatic refresh before expiry, making it suitable for long-running
services like background jobs and cron tasks.

See: https://shopify.dev/docs/apps/build/authentication-authorization/access-tokens/client-credentials-grant
@aurel282 aurel282 marked this pull request as ready for review December 30, 2025 15:16
@oliver006
Copy link
Collaborator

oliver006 commented Dec 31, 2025

I think this was already added recently in #333 ?

@aurel282
Copy link
Author

aurel282 commented Dec 31, 2025

@oliver006 you are right.

@aurel282 aurel282 closed this Dec 31, 2025
@aurel282 aurel282 deleted the feature/client-credentials-grant branch December 31, 2025 14:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aurel282 @oliver006