Support expiring offline OAuth tokens with refresh token flow (Shopify update, December 10, 2025) #1234
Description
Description
Currently, ShopifySharp’s OAuth helpers only support non-expiring offline tokens and online tokens. Shopify introduced expiring offline tokens with refresh tokens in 2025.
We’d like ShopifySharp to provide first-class support for this flow, including:
- Requesting expiring offline tokens (expiring=1) in AuthorizeAsync
- Returning access_token, expires_in, refresh_token, refresh_token_expires_in
- Helper methods to refresh access tokens automatically
Use Case
- Long-running server apps need offline tokens that rotate securely
- Apps must handle token expiry & refresh automatically
- Developers shouldn’t need to manually implement HTTP requests for this
Example
var tokenResponse = await shopifyOauthUtility.AuthorizeAsync(new AuthorizeOptions
{
Code = code,
ShopDomain = shopDomain,
ClientId = clientId,
ClientSecret = clientSecret,
Expiring = true // proposed new property
});
// tokenResponse.RefreshToken
// tokenResponse.ExpiresIn
Benefit
- Keeps ShopifySharp fully aligned with Shopify’s latest OAuth specs
- Simplifies adoption of expiring offline tokens for developers
- Reduces boilerplate and potential mistakes with manual HTTP requests
References
Shopify dev docs: Offline access tokens