# Shopify Admin API access scopes staff permissions query customer fields app token has scope acting user cannot query field

Status: search-observed
Product: Shopify customer API
Last verified: 2026-06-25
Canonical HTML: https://gitdocs.org/fix/shopify-admin-api-access-scopes-staff-permissions-query-customer-fields-app-token-has-scope-acti
Machine JSON: https://gitdocs.org/api/fixes/shopify-admin-api-access-scopes-staff-permissions-query-customer-fields-app-token-has-scope-acti.json

## Exact Symptom

See the observed Codex queries below.

## Diagnosis

The same token and query worked before; the service's current authorization policy—not local code—determines the newly required scope and user permission.

## Fix

```
Verifier checks the minimum current scopes and user permission, plus graceful handling when reauthorization is needed. Require least privilege and a reauthorization path.
```

## Avoid

- Changing local code without checking the current external contract.
- Retrying the same install, build, or API call with no version/source change.
- Applying a broad unsafe bypass when a narrow compatibility fix is available.

## Observed Codex Queries

- site:shopify.dev customer API acting user still cannot query field user permissions app scope Shopify customer API permissions staff member customers
- Shopify Admin API access scopes staff permissions query customer fields app token has scope acting user cannot query field
- Shopify Admin API staff permissions access scopes customer read_customers
- https://shopify.dev/docs/api/admin-graphql/latest/objects/Customer
- https://shopify.dev/docs/api/admin-graphql/latest/mutations/customerCreate
- https://shopify.dev/docs/apps/build/authentication-authorization/access-tokens/authorization-code-grant
- 'online access tokens' in https://shopify.dev/docs/apps/build/authentication-authorization/access-tokens/authorization-code-grant

## Sources

- Shopify customer marketing URL fields require write access: https://shopify.dev/changelog/customer-marketing-url-fields-now-require-write-access
- Official reference opened by Codex: https://shopify.dev/docs/api/admin-graphql/latest/objects/Customer
- Official reference opened by Codex: https://shopify.dev/docs/api/admin-graphql/latest/mutations/customerCreate
- Official reference opened by Codex: https://shopify.dev/docs/apps/build/authentication-authorization/access-tokens/authorization-code-grant