FlowRelay
Use Cases
Let an agent investigate an event
Use this path when a merchant wants an authorized agent to help answer what happened to an event without receiving broad store authority or private event data.
Investigation job #
An authorized agent can identify the endpoint, read the receipt, explain the current outcome, and suggest the next safe step from FlowRelay facts.
Recovery job #
When the grant allows it, the agent can prepare approved replay or diagnostics actions. Execution still follows preview, explicit confirmation, idempotency, and audit.
Hard boundaries #
Agents cannot self-escalate, approve billing, mint or widen their own grants, access raw secrets or payloads, submit support outside scoped FlowRelay support paths, or edit Shopify Flow without separate Shopify authorization.
Typical path
A typical path starts from the scenario, then moves into setup and verification.
- 01Use a private agent client the merchant trusts, such as Codex, Claude Code, the FlowRelay CLI run by a coding or ops agent, direct Agent Operations API calls, or MCP Agent Operations access where enabled.
- 02Create or inspect the merchant-authorized grant and confirm the agent has only the scopes needed for investigation.
- 03Give the agent the Agent Operations base URL and scoped token through private secret, environment, CLI, or MCP configuration rather than public docs, tickets, or shared prompts.
- 04Have the agent start from /llms.txt, the relevant Markdown page, and /agent/v1/manifest before making authenticated calls.
- 05Let the agent read setup state, event history, receipt facts, replay availability, and diagnostics state through the same Agent Operations contract.
- 06Require action previews for side-effecting work, including replay preview, confirmation, idempotency, metering, and audit.
- 07Escalate to a human for billing approval, grant changes, Shopify Flow workflow edits, secrets, raw event data, support requests, or anything outside the grant.