Do I really need orders_read permission just to use /admin/api/2021-07/orders/count.json

skuharmony
Shopify Partner
26 2 6

Hi, I have an application for which I'd like to charge a fee based on the number of orders that the store does in a month.  The best endpoint for this appears to be /admin/api/2021-07/orders/count.json. This returns just an integer with the number of orders meeting the specified request criteria (ie: in the past 30 days).

This endpoint, however requires the read_orders scope.  That scope gives permissions to read all contents of orders for the past 60-days.  When requesting that scope, users receive the (intentionally scary) explanation of 

"This app has access to the following personal information:  Customers names, email addresses, phone numbers, physical addresses, geolocations, IP addresses, and browser user agents"

My application does not need (and I don't want to be responsible for) any personally identifiable information.  I *just* want to see the number of orders placed. It would be fantastic if it was possible to use the `/orders/count.json` endpoint without requiring the full `read_orders` scope.  

 

 

0 Likes