# Agent Access

Canonical: https://docs.flowrelay.app/agent-access/
Markdown: https://docs.flowrelay.app/agent-access.md

Agent Access lets a merchant create scoped, revocable authority for a trusted agent to inspect and prepare recovery under the same safeguards that apply to humans.

## What Agent Access is for
Agent Access lets a merchant authorize a trusted agent to inspect setup, receipts, recovery options, diagnostics, and governed action previews through scoped FlowRelay operations.


## What stays human-controlled
Billing approval, grant changes, Shopify Flow workflow edits, support submission, secret handling, raw data access, and authority expansion stay under human control unless separately authorized.


## Agent jobs
Choose authority based on the job, not the agent's convenience.


| Job | Typical access |
| --- | --- |
| Explain what happened to an event | Read setup, event history, receipts, and safe diagnostics context. |
| Prepare recovery | Preview replay or diagnostics action intents without executing outside the grant. |
| Execute a recovery action | Execute only the approved governed action with idempotency and audit. |

## Operating rules
Use these controls to keep agent access scoped and reversible.
1. Open Agent Access from FlowRelay inside the merchant-authorized Shopify app context.
2. Choose the lowest useful authority tier and scope for the work the agent is allowed to perform.
3. Set an expiry that matches the task, then create or review the grant from the human admin surface.
4. Have the agent start from the docs index, Markdown pages, and /agent/v1/manifest before using API, CLI, or MCP.
5. Keep billing approval, grant changes, Shopify Flow edits, secrets, raw data, and support requests under explicit human control unless separately authorized.
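
Taken together, the jobs and rules above describe a deny-by-default check on every agent request. The sketch below is an added example, not FlowRelay's code or API: the tier names, operation names and `Grant` fields are hypothetical, and operations reserved for humans are refused outright because separate authorization is outside its scope.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Hypothetical tier ordering, one tier per job listed on this page.
TIERS = {"read": 0, "preview": 1, "execute": 2}
# Operations the page keeps under human control; refused whatever the tier.
HUMAN_ONLY = {"billing.approve", "grant.change", "flow.edit", "support.submit",
              "secret.read", "rawdata.read"}
# Hypothetical mapping from operation to the minimum tier it needs.
REQUIRED_TIER = {"events.explain": "read", "receipts.read": "read",
                 "replay.preview": "preview", "replay.execute": "execute"}

@dataclass
class Grant:
    tier: str
    scopes: frozenset            # operations the merchant approved
    expires_at: datetime
    revoked: bool = False
    seen_keys: set = field(default_factory=set)   # idempotency keys already used
    audit: list = field(default_factory=list)     # one entry per decision

def authorize(grant, op, now, idempotency_key=None):
    """Return (allowed, reason) and append the decision to grant.audit."""
    def decide(allowed, reason):
        grant.audit.append((now.isoformat(), op, allowed, reason))
        return allowed, reason
    if op in HUMAN_ONLY:
        return decide(False, "human-controlled")
    if grant.revoked:
        return decide(False, "revoked")
    if now >= grant.expires_at:
        return decide(False, "expired")
    need = REQUIRED_TIER.get(op)
    if need is None or op not in grant.scopes:
        return decide(False, "out-of-scope")
    if TIERS[grant.tier] < TIERS[need]:
        return decide(False, "tier-too-low")
    if need == "execute":
        if not idempotency_key:
            return decide(False, "missing-idempotency-key")
        if idempotency_key in grant.seen_keys:
            return decide(False, "duplicate")
        grant.seen_keys.add(idempotency_key)
    return decide(True, "ok")

# Constructed sample: a preview-tier grant that expires one hour after issue.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
SAMPLE = Grant("preview", frozenset({"events.explain", "replay.preview"}), NOW + timedelta(hours=1))
```

Denied requests are audited as well as allowed ones, so a reviewer can see what an agent attempted outside its grant.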

## Related
- [Grants and scopes](https://docs.flowrelay.app/agent-access/grants-and-scopes.md)
- [API Reference](https://docs.flowrelay.app/reference/api.md)
- [MCP Reference](https://docs.flowrelay.app/reference/mcp.md)

## Safety Boundary
Do not include raw payloads, endpoint secrets, auth headers, HMAC values, Shopify tokens, Shopify sessions, database URLs, customer data, merchant incidents, or copied private logs in public examples.
