Struggling with simple GET call to admin api (Response: 403 'Forbidden')

Solved
Highlighted
New Member
4 0 0

Hey all,

 

I want to retrieve all currently installed script tags. This is my route on the backend:

 

  router.get("/gettag/", verifyRequest(), async (ctx) => {
    console.log("get tag backend called.");
    await handle(ctx.req, ctx.res);
    const { shop, accessToken } = ctx.session;
    try {
      const results = await fetch(
        "https://" + shop + "/admin/api/2020-01/script_tags.json",
        {
          headers: {
            "X-Shopify-Access-Token": accessToken,
          },
          method: "GET",
        }
      )

[...]

I call it like this from the frontend:

  getScriptTag = () => {
    var fetchUrl = "/gettag/";
    var method = "GET";
    fetch(fetchUrl, { method: method })
      .then((response) => response.json())
      .then((json) => console.log(json));
  };

And sadly, this is the response:

┃ url: 'https://<my-dev-shop>.myshopify.com/admin/api/2020-01/script_tags.json',
┃   status: 403,
┃   statusText: 'Forbidden',
┃   headers: Headers {
┃ [...]

Can someone advise me on what I'm doing wrong here?

 

Thanks in advance!

0 Likes
Highlighted
Shopify Partner
17 2 5

This is an accepted solution.

Random question but do you have the scopes enabled? `

read_script_tags, write_script_tags

 

0 Likes
Highlighted
New Member
4 0 0

Funny enough I realized that I'm missing the correct scope and am testing it right now. ngrok is slow as hell. Will update here as soon as I have a result.

 

edit: Sure enough that was the problem. I'm an idiot, thanks.

0 Likes
Highlighted
Shopify Partner
17 2 5

Good show!

0 Likes