Access Token

Highlighted
New Member
5 0 0

1) How do we get X-Shopify-Access-Tokens for Live stores? 
The documentation doesn't seem to be very helpful. I have generated X-Shopify-Access-Token for development stores using a public app (draft status). However, I don't know how to generate the token for live stores. 
Draft public app needs to be approved before I can use it in a live store. Is there any other method other than a public app?

2) Is there another alternative to X-Shopify-Access-Tokens for authentication?
In other platforms we can generate access token via UI. 

Please let me know. Thanks. 


0 Likes
Highlighted
Pathfinder
131 11 20
  1. Yes a public app has to be approved before a live store can install it. Otherwise, you will need to create a custom app for a specific merchant and use the custom merchant install link to enable OAuth2 and get their access token. 

  2. If you only need back-end REST / GraphQL API access, the merchant can create a "private app" on your behalf which generates an api key and secret that they then give to you. Otherwise I don't know of any other way to get X-Shopify-Access-Token outside of OAuth. 
0 Likes
Highlighted
New Member
5 0 0

I am using the private app.

https://xxxxxxx:xxxxx@xxxxx.myshopify.com/admin/api/2020-07/products.json

The private works when I don't have a request body. However, whenever I insert a request body I get the following back in postman.

Any idea why?

<html>

<body>
  <noscript>
    <a
  </noscript>

  <script type="text/javascript" defer>
    window.location = "https:\/\/accounts.shopify.com\/oauth\/authorize?client_id=7ee65a632608843c577db8b23c4d7316ea0a01bd2f7594f8a9c06ea668c1b775c\u0026destination_uuid=322dbe5b-dddb-497f-8175-ea207af2f094\u0026nonce=9ac10f325b664c703429b885b92edfaf\u0026prompt=merge\u0026redirect_uri=https%3A%2F%2Fdemo-begreenpackagingstore.myshopify.com%2Fadmin%2Fauth%2Fidentity%2Fcallback\u0026response_type=code\u0026scope=email%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fdestinations.readonly%20openid%20profile%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fpartners.collaborator-relationships.readonly%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fbanking.manage\u0026state=6ca070888453bdf7376d8c00fdfbc7d5\u0026ui_locales=en\u0026ux=shop";
  </script>
</body>

</html>
0 Likes
Highlighted
Pathfinder
131 11 20

This is a common problem with Shopify and postman, you need to delete your cookies from postman. 

0 Likes
Highlighted
Excursionist
38 1 8

If you use koa-auth-shopify the access token is stored in the session under ctx.session.accessToken

const { shop, accessToken } = ctx.session;

 Depending on your mode (online of offline) the token does expire or not.

https://apps.shopify.com/picamaze
Animated watermarks for product images and ads
0 Likes