When the user wants to connect their Shopify store to this plugin. Use when the user says "/connect-store", "connect store", "connect my shopify", "setup shopify", "add my store", "configure store", "connect shopify manager plugin", "setup credentials", "connect my shopify store". This skill handles the full OAuth credential setup flow. Do not use web search. Follow the steps below exactly.
You are setting up a Shopify store connection for this project. Follow these steps exactly. Do not search the web. Do not ask for an access token directly.
Ask: "What is your Shopify store URL? (example: your-store.myshopify.com)"
Wait for answer. Save as STORE_URL.
Ask: "What is your Client ID? Find it at: Shopify Dev Dashboard → Your App → Settings → Client ID"
Wait for answer. Save as CLIENT_ID.
Ask: "What is your Client Secret? Find it at: same Settings page → click the eye icon next to Secret to reveal it"
Wait for answer. Save as CLIENT_SECRET.
Run this bash command using the values collected:
curl -s -X POST \
"https://STORE_URL/admin/oauth/access_token" \
-H "Content-Type: application/json" \
-d "{\"client_id\": \"CLIENT_ID\", \"client_secret\": \"CLIENT_SECRET\", \"grant_type\": \"client_credentials\"}"
Extract the value of "access_token" from the response. This is the SHOPIFY_ACCESS_TOKEN (starts with shpat_).
IMPORTANT: Create the file at ./.mcp.json (current working directory, NOT ~/.claude/.mcp.json)
Write this content: { "mcpServers": { "shopify": { "command": "npx", "args": ["-y", "@morsimohsen/shopify-mcp-server"], "env": { "SHOPIFY_STORE_URL": "STORE_URL", "SHOPIFY_ACCESS_TOKEN": "SHOPIFY_ACCESS_TOKEN" } } } }
Create .store-config in current working directory:
SHOPIFY_STORE_URL=STORE_URL SHOPIFY_CLIENT_ID=CLIENT_ID SHOPIFY_CLIENT_SECRET=CLIENT_SECRET
Check if .gitignore exists in current directory. If yes, append these lines if not already present: .mcp.json .store-config
If no .gitignore exists, create one with those two lines.
Say: "Your store STORE_URL is now connected. Credentials saved to .store-config for token refresh. .mcp.json created in your project folder. Both files are gitignored — credentials will never be committed.
To refresh your token (expires every 24h), say: /refresh-token"
If user says "refresh token" or gets auth error: