AppDev - Sales Channel and the read_only_own_orders scope - The access scope is invalid

4 1 0


I've been forwarded here from our app reviewer and shopify partner support!

This came through as a requirement for app approval "You need the read_only_own_orders scope to comply with our requirements. This scope ensures the sales channel can only read orders that it created and is added to the sales channel during review. Let us know if you're ready to have this flag added to your sales channel.". 

From there, we've requested the scope be enabled for our apps.

During the OAuth flow process the following error is returned "Oauth error invalid_scope: The access scope is invalid: read_only_own_orders".

I've had it be confirmed (by app reviewer and partner support) the scope read_only_own_orders is be enabled for our apps (production + staging + dev).

I've tried various lists of scopes i.e. including the read_orders scope with the above and removing the read_orders scope but cannot get past this screen with an install completing with that scope.

I may be missing how this scope works but theres a lack of documentation I can see around this scope. It's mentioned here on the app review guidelines page! but nowhere else in the developer documentation. There's a few forum posts here and here but none of these have any link to the issue I'm facing! I feel this could be a problem on the shopify side.

Not sure if this is helpful but here are some of the headers on an example OAuth request:
x-request-id: 07ad0408-d1df-48dc-9ef3-50677187adee
x-shardid: 199
x-shopid: 55620665544
x-shopify-stage: production
x-sorting-hat-podid: 199
x-sorting-hat-shopid: 55620665544

Other tickets:

App Review ticket #23570041
Partner support ticket #23595074

Is there any documentation on how this scope work? Or is it possible this is looked into?


4 1 0

This is an accepted solution.

Its not an issue! It's not actually a scope you need to request, it's a scope applied behind the scenes by shopify.