Shopify OAuth2 + HTTP Request node — "refreshToken is required" error (2026 Dev Dashboard setup)

Tim_Jacobs · March 19, 2026, 12:29pm

Describe the problem/error/question

Shopify OAuth2 + HTTP Request node — "refreshToken is required" error (2026 Dev Dashboard setup)

Hi everyone,

I'm trying to connect n8n Cloud to Shopify using the HTTP Request node to run paginated GraphQL queries against the Admin API. I've hit a wall with authentication and would appreciate any help.

My setup

n8n Cloud (latest)
Shopify Partners Dev Dashboard app (created Jan 2026 — legacy custom apps no longer available)
Authentication: Shopify OAuth2 API credential in n8n
HTTP Request node, POST to https://[store].myshopify.com/admin/api/2026-01/graphql.json

What I've done

Created an app in the Shopify Partners Dev Dashboard
Added the n8n OAuth Redirect URL (https://oauth.n8n.cloud/oauth2/callback) to the app's Allowed Redirect URLs
Released the app and installed it on my store
In n8n, created a Shopify OAuth2 API credential with Client ID, Client Secret, and shop subdomain
Clicked Connect — got "Connection successful"
Set the HTTP Request node to use Predefined Credential Type → Shopify OAuth2 API
Hit Execute Step → Error: "refreshToken is required"

What I've tried

Reconnecting the credential multiple times
Deleting and recreating the credential from scratch
Each time I get "Connection successful" but the HTTP Request still fails with the same error

The core issue

It seems Shopify's OAuth2 flow doesn't return a refresh token, but n8n's Shopify OAuth2 credential expects one. Since legacy custom apps (and their shpat_ access tokens) are no longer available as of Jan 1 2026, I'm stuck — OAuth2 is the only option but it doesn't seem to work either.

Questions

Has anyone successfully connected n8n to Shopify via the new Partners Dev Dashboard in 2026?
Is there a workaround for the missing refresh token?
Is the Access Token credential type still viable somehow in 2026?

Any help appreciated — happy to share more details about my setup.

Thanks

What is the error message (if any)?

Please share your workflow

Share the output returned by the last node

Output from last node

Error from the HTTP Request node:

Error code: ERR_ASSERTION
Message: refreshToken is required
Request details:
{
  "body": {
    "query": "{ orders(first: 250, after: null, query: \"created_at:>2026-01-16\") { pageInfo { hasNextPage endCursor } edges { node { lineItems(first: 50) { edges { node { quantity variant { id sku displayName inventoryQuantity product { id } } } } } } } } }"
  },
  "headers": {
    "accept": "application/json,text/html,application/xhtml+xml,application/xml,text/*;q=0.9,image/*;q=0.8,*/*;q=0.7",
    "Authorization": "**hidden**",
    "X-Shopify-Access-Token": "**hidden**"
  },
  "method": "POST",
  "uri": "https://raoptics.myshopify.com/admin/api/2026-01/graphql.json",
  "gzip": true,
  "rejectUnauthorized": true,
  "followRedirect": true,
  "resolveWithFullResponse": true,
  "sendCredentialsOnCrossOriginRedirect": false,
  "followAllRedirects": true,
  "timeout": 300000,
  "encoding": null,
  "json": false,
  "useStream": true
}

Thanks

Information on your n8n setup

n8n version: n8n Cloud (latest — cloud is always kept up to date automatically)
Database: Not applicable
EXECUTIONS_PROCESS setting: Not applicable
Running n8n via: n8n Cloud
Operating system: MacOS

Anshul_Namdev · March 19, 2026, 12:41pm

Hi @Tim_Jacobs Welcome!
Have you tried switching to Access token from Oauth2 API? Like goto your API credentials in shopify app and copy that admin API access token , and then use that as credentials let me know if that fixes the issue

Benjamin_Behrens · March 19, 2026, 1:32pm

yeah this is a real blocker with the new shopify oauth setup — partners dashboard doesnt seem to issue refresh tokens like n8n expects. try swapping to a custom http request with manual token management instead of the credential type. could be an n8n bug that needs fixing but for now that might get you unstuck. whats the use case — just bulk order exports?

Tim_Jacobs · March 19, 2026, 2:27pm

Appreciate the reply and suggestion, Benjamin! Don’t Shopify’s OAuth access tokens expire? Without a refresh token, you’d need to re-authenticate manually every time the token expires, which defeats the purpose of automation. I could be wrong…

Use case is a scheduled workflow that pulls 60 days of orders to calculate sales velocity, flags low stock variants, and suggests what inevntory to purchase based on the custom app I built.

Tim_Jacobs · March 19, 2026, 2:31pm

Hi Anshul, appreciate the reply! And thank you. I see what you mean, but Shopify removed the legacy custom app flow entirely as of January 2026 (some merchants on Shopify Plus may still see it tho). The Partners Dashboard OAuth app now seems the only option, which means we need a different approach to authenticate n8n with Shopify.

Benjamin_Behrens · March 19, 2026, 2:34pm

shopify offline tokens dont expire — theyre permanent until manually revoked, so no re-auth loop to worry about. the refreshToken error is n8n being buggy: its trying to refresh a token that doesnt need refreshing. switch to a generic Header Auth credential in n8n (name: X-Shopify-Access-Token, value: your token from the oauth callback) instead of the shopify oauth2 credential type. that sidesteps the n8n bug entirely and works fine for scheduled workflows.

Tim_Jacobs · March 19, 2026, 10:14pm

Interesting! Thanks @Benjamin_Behrens, really helpful. If you don’t mind, I have a few follow-up questions so I can get this fully working:

How do I actually retrieve the access token value from the OAuth callback? When I connect in n8n I see “Account connected” but there’s no field where I can copy the token itself. Where does it live?
Once I have the token, for the Header Auth credential in n8n — do I set both the Name AND Value to X-Shopify-Access-Token and the token respectively, or is there a specific format it expects?
Is the token I get from the OAuth flow the same as what Shopify calls the “offline access token” i.e. it’s permanent and never needs refreshing as long as the app stays installed?
Should I remove the manual X-Shopify-Access-Token header I currently have in the HTTP Request node’s Send Headers section once I switch to the Header Auth credential, to avoid sending duplicate auth headers?

Sincerely appreciate your help!

Benjamin_Behrens · March 20, 2026, 7:53am

good questions. to get the actual token: you’ll need to do the oauth exchange manually outside n8n. construct the authorization url for your shopify app, complete the flow in your browser, then exchange the code from the callback for a token via POST to https://[store].myshopify.com/admin/oauth/access_token with your client_id, client_secret, and code. that’s your permanent offline access token.

for header auth in n8n: Name = X-Shopify-Access-Token, Value = the token. that’s all it needs.

and yes — that token is the offline access token, permanent, no expiry, revoked only if you uninstall the app.

last one: yes, remove the manual header from the HTTP Request node once you’re on Header Auth to avoid duplicates.