What is Shopify GraphQL?
I spoke with a Shopify merchant last week who had three different apps making dozens of REST calls just to render a product page. Each response carried 90% data the app never used. One migration to GraphQL later, those dozens of calls became three.
GraphQL is a query language for APIs, originally released by Facebook as open source in 2015. The core idea: you define exactly which data fields you need, and the API returns precisely that. Nothing more, nothing less. With a traditional REST API, you hit a fixed endpoint and receive a predefined data structure, often loaded with fields your application never touches.
Shopify introduced GraphQL in 2018. As of October 2024, the REST Admin API is officially legacy. Since April 2025, all new public apps in the Shopify App Store must use the Shopify GraphQL Admin API documentation exclusively. This is not an optional recommendation, it is the direction Shopify is taking.
For developers and store owners working with the Shopify API, GraphQL is no longer a nice-to-have. It is the standard. And after the initial learning curve, it is genuinely more efficient than REST.
GraphQL vs REST on Shopify
The decision between GraphQL and REST on Shopify is no longer a decision. It has been made. Still, the direct comparison helps to understand why Shopify chose this path and where the practical differences matter.
| Criterion | GraphQL | REST (Legacy) |
|---|---|---|
| Data fetching | Returns exactly the requested fields | Fixed response structure with overfetching |
| Endpoints | Single endpoint for all operations | Dozens of individual endpoints |
| Nested data | Related data in a single request | Multiple requests required |
| Versioning | Quarterly (2026-01, 2026-04) | Quarterly, but legacy status |
| Rate limits | Cost-based: 100 points/second (Standard) | Request-based: 2 requests/second |
| Bulk operations | Native support for large datasets | Not available |
| Learning curve | Steeper entry, faster productivity | Easier start, higher complexity at scale |
| Future | Active development | Legacy since October 2024 |
The most important difference in practice: overfetching. When you query a customer's orders via REST, you receive the complete order structure every time. With GraphQL, you specify in your query that you only need the order number, date, and total amount. That saves bandwidth, reduces load times, and makes your application more efficient.
Setting up the Shopify GraphQL Admin API
I had a conversation with a store owner recently who assumed GraphQL was only for large development teams. He had his first query running within 20 minutes. The barrier to entry is lower than most people expect.
For the Shopify GraphQL Admin API, you need three things: a Shopify store with custom app access, an Admin API access token, and an HTTP client. Shopify also offers the GraphiQL Explorer directly in the admin panel, ideal for testing queries before moving them into production code.
In the Shopify Admin under Settings > Apps and Sales Channels > Develop Apps, create a new custom app.
Select the required Admin API scopes: read_products, write_products, read_orders, depending on your use case.
After installing the app, copy the Admin API access token. This token is displayed only once.
Send the token as an X-Shopify-Access-Token header to the GraphQL endpoint and execute your first query.
The GraphQL endpoint for the Admin API follows this pattern:
POST https://{your-store}.myshopify.com/admin/api/2026-01/graphql.jsonHere is a simple first query using curl that retrieves your shop information:
curl -X POST \
https://your-store.myshopify.com/admin/api/2026-01/graphql.json \
-H 'Content-Type: application/json' \
-H 'X-Shopify-Access-Token: your-access-token' \
-d '{
"query": "{ shop { name email myshopifyDomain } }"
}'
Essential queries and mutations
GraphQL distinguishes between queries (reading data) and mutations (changing data). In practice, you will use both daily. These are the operations I set up first in nearly every Shopify project.
Querying products
query {
products(first: 10) {
edges {
node {
id
title
status
variants(first: 5) {
edges {
node {
price
inventoryQuantity
sku
}
}
}
}
}
}
}This query fetches the first 10 products with up to 5 variants each. You get ID, title, status, price, inventory, and SKU in a single call. With REST, you would first query the products, then load the variants for each product separately.
Querying orders
query {
orders(first: 5, sortKey: CREATED_AT, reverse: true) {
edges {
node {
id
name
createdAt
totalPriceSet {
shopMoney {
amount
currencyCode
}
}
customer {
firstName
lastName
email
}
}
}
}
}Orders, customer data, and prices in a single request. The sortKey and reverse parameters sort by creation date descending. This is the kind of efficiency you do not want to give up once you have experienced it.
Creating a product (mutation)
mutation {
productCreate(input: {
title: "Premium Garden Tool Set"
productType: "Garden Supplies"
vendor: "GardenPro"
status: DRAFT
}) {
product {
id
title
status
}
userErrors {
field
message
}
}
}Mutations always return a userErrors array. This is not optional, it is your primary error channel. If userErrors is empty, the operation succeeded. If not, the message field tells you exactly what went wrong.
| Operation | Type | Use case |
|---|---|---|
| products | Query | Fetch product data, variants, and inventory levels |
| orders | Query | Load orders with customer and pricing data |
| customers | Query | Query customer data and order history |
| productCreate | Mutation | Create a new product with variants |
| productUpdate | Mutation | Update existing product data |
| orderMarkAsPaid | Mutation | Mark an order as paid |
| inventoryAdjustQuantities | Mutation | Update inventory levels |
Pagination and large datasets
Shopify GraphQL uses cursor-based pagination. Instead of page 1, 2, 3, you receive a cursor pointing to the next record. This is more reliable than offset-based pagination, especially with large and frequently changing datasets.
query {
products(first: 50, after: "eyJsYXN0X2lkIjoxMjM0NTY3ODkwfQ==") {
edges {
node {
id
title
}
cursor
}
pageInfo {
hasNextPage
endCursor
}
}
}pageInfo.hasNextPage tells you whether more data exists. pageInfo.endCursor is the value you pass as the after parameter in your next request. That is how you iterate through the entire dataset, reliably and without skipping records.
Rate limits and performance
Shopify does not calculate rate limits by request count. Instead, every query has a calculated cost value based on the number of objects and connections it requests. The system is called Calculated Query Cost, and understanding it is the difference between a smooth integration and a throttled one.
100 cost points per second, bucket of 1,000 points
Double capacity for growing stores
Enterprise capacity for high-volume operations. Source: Shopify rate limits documentation
Query costs are calculated before execution (requestedQueryCost). After execution, the actual consumption is determined (actualQueryCost), and the difference is refunded. You can optimize the cost of any query in advance by requesting only the fields you actually need.
{
"extensions": {
"cost": {
"requestedQueryCost": 42,
"actualQueryCost": 28,
"throttleStatus": {
"maximumAvailable": 1000,
"currentlyAvailable": 972,
"restoreRate": 100
}
}
}
}Send the header Shopify-GraphQL-Cost-Debug: 1 with your requests to get a detailed cost breakdown per field. This is the fastest way to identify expensive queries and optimize them before they hit production.
Storefront API with GraphQL
Beyond the Admin API, Shopify offers a second GraphQL interface: the Storefront API. It is designed for customer-facing applications, meaning custom storefronts, mobile apps, and headless commerce projects with Shopify Hydrogen.
| Feature | Admin API | Storefront API |
|---|---|---|
| Purpose | Backend management (products, orders, customers) | Frontend experiences (custom storefronts, apps) |
| Authentication | Access token required (server-side) | Storefront access token (can be used in frontend) |
| Data access | Full access to store data | Public data only (products, collections, checkout) |
| Rate limits | Cost-based (100-1,000 pts/s) | No request rate limits, complexity limit only |
| IDs | Standard Global IDs | Base64-encoded IDs |
For headless commerce, the recommended stack is Storefront API combined with Hydrogen and Shopify Oxygen. The Storefront API intentionally has no request rate limits, designed to handle traffic spikes like flash sales without throttling.
GraphQL in practice: automation with AI
Open the dashboard of a mid-sized e-commerce store and you see immediately why manual API calls do not scale. Hundreds of products, daily inventory changes, seasonal pricing adjustments. This is where GraphQL combined with AI employees becomes genuinely powerful.
An AI employee can query product data through the GraphQL Admin API to advise customers in real time. It knows inventory levels, prices, variants, and availability without anyone manually maintaining that data. Signed, an online retailer for custom and decorative signs, deployed Qualimero's digital employee Alex to handle customer inquiries on Instagram and TikTok. The result: 18x ROI, 70% customer support automation, and a 30% increase in upselling. Read the full Signed case study.
The connection works in reverse too. Shopify Webhooks URL PENDING] can serve as triggers for automated GraphQL mutations. New order received? The AI employee checks inventory via GraphQL and updates availability. Customer question via WhatsApp? It fetches order data with a query and responds in seconds. Combined with [AI product consultation, this creates a fully automated advisory layer running on live shop data.
An AI employee uses the Shopify GraphQL API to advise your customers in real time, based on live product data, inventory levels, and order history. Our clients see cart value increases of up to 35%.
Book a demoCommon errors and troubleshooting
After hundreds of GraphQL integrations, I know the five errors nearly every developer hits at the start. Here they are, each with its fix.
- Authentication error (401): The X-Shopify-Access-Token header is missing or invalid. Verify that the token was copied correctly and the app is installed.
- Missing scopes (403): The app lacks the required API permissions. Add the missing scopes in the Shopify Admin under app settings and regenerate the token.
- Query syntax errors: GraphQL is strictly typed. A missing comma or incorrect nesting causes an immediate parsing error. Use the GraphiQL Explorer to test queries before moving them into code.
- Rate limit exceeded (THROTTLED): Query costs exceed the available budget. Reduce the number of objects per query or switch to Bulk Operations for large datasets.
- Type errors in mutations: Incorrect input types, such as a string where an ID is expected or a missing required parameter. Check the userErrors in the response for the affected field and error message.
FAQ
Yes. GraphQL is Shopify's primary API technology for reading and modifying store data. Since April 2025, all new public Shopify apps must use the GraphQL Admin API exclusively. The REST Admin API has been classified as legacy since October 2024.
For new projects, yes. GraphQL eliminates overfetching, allows nested queries in a single request, and offers native Bulk Operations support for large datasets. Shopify is investing exclusively in GraphQL and no longer actively developing the REST API.
You send an HTTP POST request to your store's GraphQL endpoint with an access token in the header. The request body contains a GraphQL query or mutation as JSON. The endpoint follows this pattern: https://your-store.myshopify.com/admin/api/2026-01/graphql.json.
Shopify uses cursor-based pagination. Each query returns a pageInfo object with hasNextPage and endCursor. Pass the endCursor value as the after parameter in your next request to load the next page of results.
Rate limits are based on calculated query costs, not requests per second. Standard stores receive 100 cost points per second with a bucket of 1,000 points. Advanced stores get 200 points, and Shopify Plus stores receive 1,000 points per second.
GraphQL allows more efficient data retrieval, reduces API call volume, and gives Shopify better visibility into which fields apps actually use. This enables faster API evolution and more targeted deprecation of unused features. Existing REST integrations continue to work, but all new development should use GraphQL.
An AI employee accesses your product data through the GraphQL API and advises customers in real time. No coding required, no flow builder, with genuine product understanding.
Book a free demo
Lasse is CEO and co-founder of Qualimero. After completing his MBA at WHU and scaling a company to seven-figure revenue, he founded Qualimero to build AI-powered digital employees for e-commerce. His focus: helping businesses measurably improve customer interaction through intelligent automation.
