Permissions

This page explains what permissions EcomCoder requests and why. We follow the principle of least privilege — we only ask for what's needed to deliver the product.

OAuth Permissions

When you connect your store via OAuth, EcomCoder requests access to:

Scope        | Purpose
Theme access | Read and write theme files (Liquid, CSS, JS, assets)

This is the minimum required to duplicate your theme and apply AI-generated changes. No other store data is accessed via OAuth.

Admin API Scopes

If you choose to add an Admin API token (optional, for Products and Assets features), the required scopes are:

Scope          | Access       | Purpose
read_products  | Read-only    | View product titles, handles, metafields, variants
write_products | Read & write | Update product metafields and variant metafields

Optional

The Admin API token is optional. Without it, the AI Assistant, Prompt Library, Themes, and Publishing features all work normally. You only need it for the Products, Shop, and Assets features.

What EcomCoder Cannot Access

EcomCoder does not have access to — and never requests — the following:

  • Orders — Order history, fulfillment, refunds
  • Customers — Customer data, emails, addresses
  • Finances — Revenue, payouts, billing information
  • Analytics — Store analytics, reports, traffic data
  • Inventory — Stock levels, warehouse locations
  • Shipping — Shipping rates, carrier accounts
  • Store settings — Payment providers, taxes, checkout configuration
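To confirm that an Admin API token you created carries only the two product scopes listed above, you can audit the scope list Shopify reports for it. The following is an added example, not EcomCoder's own code: it parses a JSON body shaped like the reply from Shopify's `GET /admin/oauth/access_scopes.json` endpoint, and the function names and sample bodies are constructed for illustration.

```python
import json

# Scopes this page lists for the optional Admin API token.
REQUIRED = {"read_products", "write_products"}

def expand(scopes):
    """Add the read_ scope implied by each write_ scope.

    Assumption: write access includes read access, so a token may list
    only the write_ handle.
    """
    out = set(scopes)
    for s in scopes:
        if s.startswith("write_"):
            out.add("read_" + s[len("write_"):])
    return out

def audit_scopes(response_body, required=REQUIRED):
    """Compare the scopes a token holds with the required set.

    response_body: JSON text of the form
    {"access_scopes": [{"handle": "read_products"}, ...]}
    """
    data = json.loads(response_body)
    granted = {item["handle"] for item in data.get("access_scopes", [])}
    effective = expand(granted)   # what the token can actually do
    allowed = expand(required)
    return {
        "missing": sorted(allowed - effective),  # features will fail
        "excess": sorted(effective - allowed),   # beyond least privilege
        "least_privilege": effective == allowed,
    }

# Constructed sample bodies (not captured from a real store).
OK_BODY = '{"access_scopes": [{"handle": "write_products"}]}'
WIDE_BODY = json.dumps({"access_scopes": [
    {"handle": "read_products"}, {"handle": "write_products"},
    {"handle": "read_orders"}, {"handle": "write_customers"},
]})
READ_ONLY_BODY = '{"access_scopes": [{"handle": "read_products"}]}'

if __name__ == "__main__":
    for name, body in [("ok", OK_BODY), ("wide", WIDE_BODY),
                       ("read-only", READ_ONLY_BODY)]:
        print(name, audit_scopes(body))
```

Any entry under `excess` means the token can reach data this page says is never needed, so recreate the token with only the product scopes.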

Data Safety

Summary

  • All editing happens on a duplicate theme — your live store is untouched
  • You control when changes go live via the Publish feature
  • OAuth tokens are stored securely and encrypted at rest
  • Admin API tokens are transmitted over HTTPS and never logged
  • You can revoke access at any time from your Shopify admin

Revoking Access

To disconnect EcomCoder:

  1. Go to your Shopify Admin > Settings > Apps and sales channels
  2. Find EcomCoder in the list
  3. Click Delete to revoke OAuth access
  4. If you created an Admin API app, delete it from Develop apps to revoke the API token

© 2026 ecomCoder. All rights reserved.