Call Shopify Storefront API from Next.js Server Action: Public vs Private Access Token

Call Shopify Storefront API using public or private access token from Next.js server action

Are you facing challenges while trying to call the Shopify Storefront API using either a public or private access token from your Next.js server action? You're not alone. In this blog post, we will address the confusion and provide a guide to help you navigate through this issue.

Understanding Access Tokens

When building a custom storefront with Next.js, it's crucial to understand the difference between public and private access tokens in Shopify. Public access tokens are typically used for client-side requests, while private access tokens are recommended for server-side interactions.

The Dilemma

You mentioned that using the public access token works perfectly for querying products from Shopify. However, you are concerned about whether it's the right approach for server-side requests. The confusion arises when you switch to a private access token and encounter the requirement to include the Shopify-Storefront-Buyer-IP header to prevent throttling.

Addressing the Challenges

  1. Passing the Shopify-Storefront-Buyer-IP Header: Since you are making requests from a server component in Next.js, you may wonder how to include the Shopify-Storefront-Buyer-IP header. One approach is to retrieve the client's IP address and pass it along with your request. This can help Shopify identify the origin of the request and prevent throttling.

  2. Using X-Shopify-Storefront-Access-Token: When making fetch calls for products from a server component, you can still use the X-Shopify-Storefront-Access-Token header with the value of your public access token. Shopify should recognize that the request is coming from a server and adjust its throttling mechanisms accordingly.


In conclusion, calling the Shopify Storefront API from a Next.js server action using either a public or private access token requires careful consideration of headers and best practices. By understanding the nuances of access tokens and headers, you can ensure smooth communication with the Shopify API without running into throttling issues.

If you have further questions or encounter any challenges, feel free to explore the Shopify documentation or seek assistance from the Shopify community. Happy coding!