How to Give Metricfixer Safe Shopify Access

Use this guide when Metricfixer needs access to a Shopify store, Shopify theme, custom storefront, customer events setup, app configuration, checkout-related flow, product feed, or tracking implementation to diagnose an issue and apply approved fixes safely.

When to use this guide

This guide applies when the support task involves Shopify or Shopify Plus. It is especially useful for theme fixes, tracking and pixel diagnostics, checkout flow checks, product or feed issues, app configuration, custom apps, Hydrogen or custom storefronts, and ecommerce measurement problems.

Typical cases include:

• fixing Shopify theme issues, Liquid snippets, sections, templates, scripts, styles, or storefront behavior;
• repairing cart, checkout, post-purchase, thank-you page, or order-status tracking where Shopify access is needed;
• diagnosing GA4, Meta Pixel, TikTok Pixel, Google Ads, Customer Events, custom pixels, or app pixel behavior;
• checking product, collection, variant, price, market, language, or feed-related configuration;
• reviewing Shopify apps, app settings, sales channels, custom apps, or API integration issues;
• working on Shopify GitHub theme integration, Theme Access, Shopify CLI, Hydrogen, or a custom storefront connected to Shopify.

Preferred workflow

Metricfixer normally uses the following Shopify workflow:

1. Confirm the store URL, myshopify.com domain, affected page, expected result, actual result, and business impact in the ticket.
2. Start with screenshots, public URLs, theme preview links, app screenshots, pixel helper output, order IDs, logs, or redacted examples when direct access is not required.
3. Use Shopify Partner collaborator access with limited permissions for store-admin work.
4. Use GitHub repository access and pull requests for custom theme, Hydrogen, or custom storefront code when a repository exists.
5. For theme changes, work on a duplicate or unpublished theme first whenever possible.
6. Use test products, test discounts, draft orders, sandbox payments, or low-risk test orders where possible.
7. Publish a theme, connect a pixel, change checkout behavior, install an app, or deploy to production only after client approval.
8. Revoke collaborator, staff, Theme Access, app, API, and GitHub access after the ticket is completed.

Choose the minimum safe access level

1. No direct access

Use this for an initial review when Metricfixer can diagnose the issue from public pages, screenshots, browser console output, Shopify admin screenshots, pixel helper output, theme preview links, redacted configuration examples, or a short screen recording.

2. Shopify collaborator access

This is the preferred access method for most Shopify admin tasks. A collaborator account lets Metricfixer access only the sections of your store that you approve. Please share the collaborator request code if Metricfixer asks for it, then approve only the permissions required for the task.

3. Limited staff account

Use a temporary staff account only when a collaborator account cannot perform a required task. The staff account should use a dedicated Metricfixer email address, not your personal login, and should be limited to the specific role or permissions needed for the ticket.

4. Theme-only access

If Metricfixer only needs to work on theme code, you can use a duplicate theme, Shopify GitHub integration, or Shopify Theme Access. Theme Access should be treated like a temporary secret and revoked after completion.

5. GitHub repository access

If your Shopify theme, Hydrogen storefront, custom app, or integration code is stored in GitHub, provide repository access with Write permission so Metricfixer can create a branch and pull request. Do not provide organization Owner or repository Admin access unless a separate repository-management task requires it.

6. Customer Events, pixels, and tracking access

If the task involves Customer Events, custom pixels, app pixels, GA4, Meta, TikTok, Google Ads, consent, or server-side tracking, Metricfixer may need access to the relevant Shopify area and to the connected analytics or advertising platforms. Grant only the platforms and permissions required for the approved scope.

7. App, custom app, or API access

App and API access should be handled carefully because it can expose order, customer, product, payment, or store data. Provide only the specific app settings, custom app permissions, API scopes, development dashboard access, or redacted logs required for the task. Do not create broad Admin API tokens unless Metricfixer specifically confirms the exact scopes needed.

8. Production changes

Use production access only when the issue cannot be reproduced or fixed through screenshots, preview links, a duplicate theme, GitHub pull request, staging store, or limited settings review. Any live theme publish, live checkout change, app install, payment setting change, or tracking activation requires written approval in the ticket.

Before you provide access

Please add the following information to the ticket:

• primary store URL and myshopify.com domain;
• whether the store is Shopify, Shopify Plus, a development store, or a Shopify organization with multiple stores;
• affected page, product, collection, cart, checkout, thank-you page, order status page, market, language, or customer journey;
• theme name and whether we should work on the live theme, an existing duplicate theme, or a new duplicate theme;
• GitHub repository URL if theme, Hydrogen, custom storefront, or app code is version-controlled;
• names of relevant apps, pixels, sales channels, consent tools, payment providers, feed tools, or analytics tools;
• test product, test discount, test customer account, draft order, or test order instructions if the issue affects cart, checkout, purchase, or tracking;
• recent example order ID, checkout ID, event ID, or timestamp where relevant, preferably without unnecessary personal data;
• whether the issue affects live orders, payments, fulfillment, tax, shipping, subscriptions, ads optimization, or customer data collection;
• confirmation that a theme backup, duplicate theme, export, or rollback method exists before live changes.

Recommended permissions by task

The exact Shopify permission names can vary by plan, organization setup, and current Shopify role system. Use the narrowest equivalent permissions available in your Shopify admin.

Theme, storefront, and Liquid fixes

• Grant access to Online Store and Themes only if theme code, sections, templates, or theme settings need to be inspected or changed.
• Use a duplicate or unpublished theme for development whenever possible.
• Share a theme preview link for review before publishing.
• Do not grant payment, payout, billing, customer export, or unrelated app access for theme-only work.

Tracking, pixels, and Customer Events

• Grant access to Customer Events, custom pixels, app pixels, or the relevant sales channel only if the tracking task requires it.
• Provide limited access to GA4, Google Tag Manager, Meta Events Manager, TikTok Ads, Google Ads, consent tools, or server-side tracking only when those systems are involved.
• Provide a test scenario such as product view, add to cart, checkout started, purchase, form submit, subscription, or lead event.
• Do not provide advertising account billing or business-owner access when the task only requires event diagnostics.

Products, collections, feeds, and Merchant Center issues

• Grant product, collection, catalog, sales channel, feed app, or Google & YouTube app access only if the task involves those areas.
• Provide example product handles, variant IDs, SKU examples, feed item IDs, Merchant Center diagnostics, or screenshots where possible.
• Do not grant order, customer, payment, payout, or staff management access for product/feed-only work.

Orders, checkout, payment, and subscriptions

• Prefer test orders, draft orders, sandbox payment settings, or redacted order examples.
• Grant order access only when order data is required for the approved task.
• Do not grant refund, fulfillment, payout, tax, shipping, or payment-setting permissions unless the task specifically requires them.
• Never send full payment card numbers, bank account credentials, payout credentials, payment-provider owner passwords, or live payment secret keys.

Apps, custom apps, and API integrations

• Grant access only to the app or channel involved in the task.
• Do not install new apps, approve app charges, change app billing, or create custom app API credentials without explicit approval.
• If an Admin API token is required, create a dedicated token with only the exact scopes approved for the task and rotate or delete it after completion.
• For custom apps or development dashboard work, a limited staff account may be required instead of collaborator access.

Theme changes and preview safety

Theme work should avoid direct live edits whenever possible.

• Duplicate the current theme before making risky changes.
• Name the duplicate clearly, for example Metricfixer - ticket 1234 - June 2026.
• Use Shopify preview links, merchant preview, or a protected preview flow for review.
• For code-managed themes, prefer GitHub branches and pull requests.
• Do not publish a new theme until the client approves the preview.
• Keep the previous live theme available as a rollback option after publishing.

Shopify Plus and checkout-related work

Checkout-related changes are sensitive because they can affect orders, payments, taxes, shipping, subscriptions, and conversion tracking.

• Tell Metricfixer whether your store is on Shopify Plus.
• Use test orders and sandbox payment methods where possible.
• Do not give payment provider owner access or live payment secrets for normal checkout diagnostics.
• Any checkout, customer account, post-purchase, thank-you page, order-status, subscription, shipping, tax, or payment setting change requires explicit written approval.
• If the change may affect customers, agree on a short verification window and rollback approach before production activation.

Customer data and privacy

Shopify stores can contain customer names, emails, addresses, orders, payment-related records, fulfillment information, and marketing identifiers. Share only what is required for the task.

• Use test orders or redacted screenshots when possible.
• Provide order IDs, timestamps, event IDs, or anonymized examples instead of full customer exports.
• Do not upload unnecessary customer lists, full order exports, full customer exports, government IDs, health data, children’s data, or unrelated sensitive information.
• If a pixel or custom event collects customer data, make sure your own privacy notices, cookie banner, consent settings, and legal requirements are handled by your team or legal advisor.
• Metricfixer provides technical support and does not provide legal advice about privacy, tax, payment, or consumer-protection compliance.

What not to provide

Please do not provide the following unless Metricfixer explicitly confirms that it is necessary for the approved scope:

• your Shopify store owner password or personal staff password;
• Store Owner, Administrator, organization owner, billing, payout, or full staff-management access for a normal support task;
• payment provider owner access, live payment secret keys, webhook signing secrets, payout settings, bank credentials, or full card data;
• full customer exports, full order exports, private customer files, government IDs, health data, children’s data, or unrelated sensitive data;
• unrestricted Admin API tokens, broad custom app scopes, or permanent API credentials;
• access to unrelated stores, unrelated Shopify organizations, unrelated apps, unrelated ad accounts, or unrelated repositories;
• domain registrar owner access or DNS owner access unless the task requires domain-level changes;
• approval to install paid apps, buy paid themes, approve app charges, issue refunds, capture payments, fulfill orders, or change payouts unless the ticket specifically requires that action.

If there is no safe preview or duplicate theme

If a change must be made directly on the live store, the ticket should clearly confirm:

• why a duplicate theme, preview, GitHub branch, or staging store cannot be used;
• exactly what will be changed;
• who approves the live change;
• that a theme duplicate, export, or rollback method exists where possible;
• the preferred verification window if the change affects cart, checkout, payments, orders, subscriptions, fulfillment, analytics, or advertising optimization;
• who will test the result immediately after the live change.

How to revoke access after completion

After the ticket is completed, please revoke or reduce all temporary access created for Metricfixer.

1. Remove the Metricfixer collaborator account from Shopify if ongoing access is not needed.
2. Disable or delete any temporary staff account created for the ticket.
3. Delete Theme Access passwords, API tokens, custom app credentials, or app-specific tokens created for the work.
4. Remove GitHub repository access or deploy keys if they were used only for this ticket.
5. Remove temporary access to GA4, GTM, Meta, TikTok, Google Ads, consent tools, feed tools, payment providers, or other connected platforms.
6. Rotate any secret, token, API key, webhook secret, or password that was shared temporarily.
7. Keep the final pull request, theme duplicate name, preview link, published theme version, screenshots, and ticket notes for your records.

Helpful official references

• Shopify collaborator accounts
• Shopify roles and permissions
• Duplicating Shopify themes
• Sharing a Shopify theme preview
• Shopify GitHub integration for themes
• Shopify Theme Access
• Shopify pixels and customer events
• Shopify apps and custom apps