Protected customer data access required to use the Customer Account API

We are requiring apps to meet at least Level 1 Protected Customer Data Requirements in order to access the Customer Account GraphQL API. This change is applicable to all API versions. We recognize that this may be a breaking change for public apps that use the Customer Account API and is necessary to ensure the protection of customer data.

This change will not impact Hydrogen and Headless storefronts or Custom Apps since they already have access to Level 1 and Level 2 Protected Customer data.

Partners that are part of the Customer Account UI Extensibility developer preview and are calling the Customer Account API from their extensions will need to request access to continue to access the API.

Learn more about Protected Customer Data on shopify.dev.