I have a public app that updates the fulfillment tracking information for orders, via the following endpoint:
When I send this request, I get an error saying "The api_client does not have the required permission(s)."
However, the access token I am using is authorized for the "write_orders" scope, which according to the documentation, is the scope required to edit this information.
I'm stumped. Am I missing an additional required scope, or some kind of app configuration?
Solved! Go to the solution
Have you tried adding any of these scopes?
read_fulfillments, write_fulfillments, read_assigned_fulfillment_orders, write_assigned_fulfillment_orders
There's a couple more around fulfillment that may be worth checking out here.
@BoxUp Thanks for the reply. I did try adding the "write_fulfillments" scope, and received the same error.
I will try adding those other scopes, but the documentation is fairly explicit that the "write_orders" scope gives access to the "Fulfillment" resource, which this endpoint is a part of.
I have also previously used the "write_orders" scope to update tracking info for fulfillments, using the generic update endpoint:
So I'm not sure why I can't do the same here.
This is an accepted solution.
I figured this out, sort of.
Apparently the "PUT /update_tracking.json" endpoint requires the "write_merchant_managed_fulfillment_orders" access scope. Thanks again to @BoxUp for the suggestion.
However, according to the documentation, this scope is for accessing the "FulfillmentOrder" resource, which does not contain this endpoint (it is under the "Fulfillment" resource). So I believe the documentation is incorrect.
Another tricky thing - it appears that the "update_tracking.json" endpoint does not allow for updating certain individual fields (e.g. the "url"). When I do this, the carrier and tracking number are erased, unless I explicitly provide them in the params. I think the documentation is lacking here as well.