Why Customer Tag Rules Require Login
Customer tags in DC Order Limits let you create rules that target (or exclude) specific groups of customers — VIPs, wholesale buyers, employees, or any other segment. But there's a critical requirement that trips up most merchants: tag-based rules only work when the customer is logged in.
This article explains why that is, what happens when a guest encounters a tag-based rule, and how to set up your rules so nothing slips through.
Why tags require login
Shopify stores customer tags on the customer account, not on the browsing session. When someone visits your store without logging in, the app can't see their tags while they browse and add items to cart.
Here's the nuance: when a non-logged-in customer enters their email address at checkout, Shopify can look up their customer record at that point — so the app can eventually see their tags. But this creates a frustrating experience:
- A logged-in customer → the app sees their tags immediately, from the moment they land on the store ✅
- A non-logged-in customer → the app has no tag data while they browse and add to cart. The tag check only kicks in at checkout when they enter their email address. ⚠️
This means a customer who isn't logged in can browse your store, add restricted products to their cart, get all the way to checkout — and then get blocked when they enter their email. That's a confusing and annoying experience for the customer.
This is why enforcing login is strongly recommended for tag-based rules. When a customer is logged in, the app knows who they are from the start and can enforce limits immediately — before they add anything to their cart. No surprises at checkout.
The most common scenario
"I set up a Customer Purchase Limit for customers with tag RD3-PS5, but anyone who's logged in can still buy — even without the tag."
This happens because the rule is configured to apply only to customers with a specific tag. That means:
- Customers with the tag → limited (e.g., max 1)
- Customers without the tag → no rule applies to them at all
- Guests → no rule applies
The rule restricts the tagged group but doesn't block anyone else. If your goal is to only allow tagged customers to purchase, you need a second rule.
The two-rule pattern: restrict access to tagged customers only
To limit a product so that only customers with a specific tag can buy it, you need two rules working together:
Rule 1 — Block everyone by default
| Type | Quantity & Price Limit (Order Limit) |
| Products | Select the restricted product(s) |
| Customer eligibility | All Customers |
| Excluded customer tags | Your access tag (e.g., VIP ) |
| Max quantity | 0 |
This rule sets the limit to zero for everyone, but excludes tagged customers — so they're not affected by the block.
Rule 2 — Set the limit for tagged customers
| Type | Customer Purchase Limit |
| Products | Same product(s) |
| Customer eligibility | Customers with Specific Tags → VIP |
| Max quantity | 1 (or your desired limit) |
| Guest handling | Block and require login |
This rule enforces the actual purchase limit for tagged customers and tracks their lifetime purchases.
Result:
- Guests → blocked (can't buy at all — Rule 1 sets max to 0, and Rule 2 requires login)
- Logged-in, no tag → blocked (Rule 1 sets max to 0)
- Logged-in, with tag → limited to 1 (Rule 1 skips them, Rule 2 applies)
Handling guest customers
When setting up tag-based rules, you'll want to decide what happens to guests. DC Order Limits gives you three options under Guest Customer Handling:
| Option | What happens | Best for |
|---|---|---|
| Block and require login | Guests see an error telling them to log in. They cannot add the product to cart or check out. | Exclusive products, membership programs, employee stores |
| Allow guests with no limit | Guests can purchase freely. Only logged-in customers are tracked. | When you want to track repeat buyers but not gate the product |
| Apply limit to guests | Guests are limited by cart quantity (per-session, no cross-order tracking). | Basic abuse prevention where login isn't practical |
For tag-based rules, "Block and require login" is almost always the right choice. Without it, a customer can browse freely, add restricted products to their cart, and only hit the tag-based limit when they enter their email at checkout — a frustrating experience. Requiring login up front means limits are enforced from the moment they land on the store, and logged-in customers without the tag are handled by your blocking rule.
⚠️ Bypass risk: Because tag-based rules rely on customer identity, a shopper can attempt to evade limits by using a different email address or checking out as a guest (where no customer record is matched). "Block and require login" is the strongest defense — it forces every purchase through an account, making it much harder to circumvent tag-based restrictions.
Setting up VIP or membership tiers
If different customer groups should have different limits (e.g., Standard customers get 1, VIP customers get 3), create separate rules per tier:
- Standard rule — Customer Purchase Limit, max 1, applies to all customers, excludes tag
VIP - VIP rule — Customer Purchase Limit, max 3, applies to customers with tag
VIP
Both rules can target the same products. The app evaluates each rule independently, and a customer only needs to satisfy the rules that apply to them.
Troubleshooting checklist
If your tag-based rule isn't working as expected, check these in order:
- Is the customer actually logged in? Test in an incognito window where you've logged in to the customer account. Without login, the app won't see tags until the customer enters their email at checkout — which means they can add restricted items to cart before being blocked.
- Does the customer actually have the tag? Go to the customer's profile in Shopify Admin → check the Tags section. Tags are case-sensitive.
- Is the rule targeting or excluding the tag? "Customers with Specific Tags" means the rule only applies to those customers. "Excluded Customer Tags" means the rule applies to everyone except those customers.
- Do you have a blocking rule for non-tagged customers? If you only have a rule targeting tagged customers, everyone else has no restrictions. Use the two-rule pattern above.
- Is Guest Customer Handling set correctly? If set to "Allow guests with no limit," guest visitors can purchase freely.