Kingsbell includes a theme-facing member experience for signed-in customers, tagged members, and Shopify B2B customers. These capabilities control presentation in Liquid. They do not, by themselves, secure products, APIs, files, carts, or checkout.
Supported presentation states
The shared access evaluator supports:
- public access;
- any signed-in customer;
- a required customer tag;
- an authenticated B2B customer;
- customer tag or B2B context.
A section or private template can select the relevant presentation rule and render either member content or a visitor-facing gate.
Theme capabilities
Kingsbell provides:
- a reusable Member gate section;
- support for Phase 6 theme blocks and app blocks inside the gate;
- a signed-in member dashboard;
- customer identity and order summary presentation;
- B2B company context;
- account, profile, address, order, and logout routes;
- recent order presentation;
- a Shopify-native member-access request form;
- an account-aware header link;
- customer-aware invitation routing;
- optional gates in private product and collection sections.
Assignable templates
Kingsbell includes:
page.member-hub.json
page.member-resources.json
page.member-request.json
product.private.json
collection.private.jsonThe private product and collection templates default to a member customer tag or an authenticated B2B customer. Merchants can change presentation settings, but enforcement must remain aligned with the actual catalog and entitlement model.
What the Liquid gate hides
When access is not satisfied, the private product and collection sections can avoid rendering restricted branches such as:
- product media;
- descriptions;
- prices;
- variants;
- collection grids;
- filters;
- quick add;
- buy forms.
This reduces accidental disclosure in the rendered page. It is not a complete authorization system.
What the Liquid gate does not secure
A theme gate does not secure:
- product publication;
- Shopify search indexes;
- Storefront API responses;
- cart APIs;
- direct product or variant identifiers;
- permanent files or media URLs;
- checkout;
- discounts;
- inventory allocation;
- customer or company entitlements in backend systems.
Do not publish confidential products and assume a hidden Liquid branch makes them private.
Enforcement options
Depending on the store model, use one or more of:
- Shopify product publication controls;
- Shopify catalogs and market assignments;
- B2B company and company-location assignments;
- customer account identity;
- Shopify Functions for applicable validation or discount logic;
- a companion application with server-side authorization;
- controlled file delivery for protected assets;
- backend audit logs and entitlement expiry.
The visible theme state and the authoritative commerce state must agree.
Identity authority
Kingsbell treats Shopify customer accounts as the identity authority. The theme uses Shopify's customer context and official account routes rather than maintaining a separate password system in Liquid.
Relevant Shopify primitives include:
- the global
customerobject; - customer tags;
customer.b2b?;- current company and company location;
- customer order data;
- storefront login and account routes;
- the
<shopify-account>header component.
A companion application may maintain richer entitlement records, but it should link them to Shopify customer identity.
Customer tags
Customer tags are useful as a storefront-readable mirror of a membership state. They are not an ideal sole source of complex entitlements.
When using tags:
- define exact tag names and casing;
- avoid using a tag for multiple unrelated programs;
- remove or update tags when membership expires or is revoked;
- keep backend entitlement records authoritative when approval workflows are complex;
- test customers with no tags, the required tag, unrelated tags, and multiple tags.
B2B context
Kingsbell can recognize authenticated B2B customers and expose company context in member presentation.
Test:
- a direct customer;
- a B2B customer without an active company location;
- a B2B customer with the expected company and location;
- a customer belonging to more than one relevant context where supported;
- catalog assignment and product availability;
- checkout under the correct company context.
Theme presentation must not override Shopify's actual B2B catalog rules.
Member dashboard
The dashboard can present:
- customer name and account identity;
- order count;
- account value summary where configured;
- B2B company context;
- account navigation;
- recent orders.
Display only data available through Shopify's supported Liquid customer context. Richer account data belongs in customer account UI extensions or a companion application.
Member access requests
The member request template uses a Shopify contact form. It collects a request; it does not automatically approve access.
Define an operational workflow for:
- receiving the request;
- verifying the requester;
- approving or rejecting access;
- updating the authoritative entitlement;
- mirroring the required tag or metafield where appropriate;
- notifying the customer;
- recording expiry, suspension, or revocation.
Do not place confidential approval logic in client-side JavaScript.
Companion application contract
The Kingsbell repository includes MEMBER-COMPANION.md and companion/member-entitlement.schema.json.
The companion specification covers:
- entitlement status and scopes;
- customer-tag and metafield mirrors;
- admin workflows;
- theme app blocks;
- customer account UI extensions;
- backend authorization;
- audit requirements;
- approval, expiry, suspension, and revocation;
- B2B and direct-customer paths.
Treat the JSON schema as a data-contract starting point. Application authorization must still validate every protected operation server-side.
Recommended entitlement states
A practical entitlement lifecycle includes:
- requested;
- under review;
- approved;
- active;
- expired;
- suspended;
- revoked;
- rejected.
The theme usually needs only a simplified active/inactive mirror. Administration and backend enforcement need the full state, timestamps, actor, reason, scopes, and audit history.
Private-commerce test matrix
Before launch, test:
- signed-out visitor;
- signed-in customer without access;
- tagged member;
- expired or revoked member;
- B2B customer with the correct catalog;
- customer with unrelated tags;
- direct URLs to products, collections, search, media, cart, and checkout;
- Storefront API access where enabled;
- account login, logout, and redirect behavior;
- request-form submission;
- entitlement changes during an active session;
- rollback when the companion service is unavailable.
A private template is ready only when presentation and authoritative enforcement both pass.