Two Challenges with Abandoned Checkouts REST API

Marc_Gayle
Shopify Partner
23 2 2

I am having two challenges with the Abandoned Checkouts REST API.

Challenge 1

The first is, when I am using Shopify-App-Cli console, even though I have the correct permissions in my Private App in my development store, I get an Access forbidden error (see below):

Screen Shot 2021-05-06 at 8.17.19 AM.png

[7] pry(main)> Checkout.count
E, [2021-05-06T07:57:36.132696 #28746] ERROR -- : GET https://myapp.myshopify.com:443/admin/api/2021-04/checkouts/count.json
E, [2021-05-06T07:57:36.132898 #28746] ERROR -- : --> 403 Forbidden 83 (434.3ms)
ActiveResource::ForbiddenAccess: Failed.  Response code = 403.  Response message = Forbidden ([API] This action requires merchant approval for read_checkouts scope.).
from /.rvm/gems/ruby-3.0.1@myapp/gems/activeresource-5.1.1/lib/active_resource/connection.rb:145:in `handle_response'

Notice that the 'Orders' attribute of the API has an allowance for 'abandoned checkouts', but I don't explicitly see a 'read_checkouts' scope anywhere in the Private App permissions. In fact, the only 'read_checkouts' I see is under the 'Store API Permissions' (not 'Admin API') and it is 'unauthenticated_read_checkouts' (see screenshot below):

Screen Shot 2021-05-06 at 8.27.27 AM.png

So I am not sure what I should be looking for, or what else I should enable for my `Shopify-API-Console` to allow me to interact with checkouts.

Challenge 2

Despite an inability to get it working in my console, I am trying it in my code in my public app and the `id` attribute on my `checkout` object is returning the result of `checkout.token` not `checkout.id`.

This is my `products_controller.rb`:

class ProductsController < AuthenticatedController
  def index
    @products = ShopifyAPI::Product.find(:all, params: { limit: 10 })
    @Orders = ShopifyAPI::Order.find(:all, params: { limit: 10 })
    @checkouts = ShopifyAPI::Checkout.find(:all, params: { limit: 10 })        
  end
end

This is my `products/index.html.erb`:

<h2>Abandoned Checkouts</h2>

<ul>
  <% @checkouts.each do |checkout| %>
      <li><%= checkout.id %></li>
      <li><%= checkout.attributes %></li>
  <% end %>
</ul>

This is what I see rendered on my page:

Screen Shot 2021-05-06 at 8.24.17 AM.png

 

Screen Shot 2021-05-06 at 8.24.02 AM.png

 

Notice that for each instance of 'checkout', what should be the 'checkout.id' is actually the 'checkout.token'. I don't understand what the heck is going on and why the API is returning this result.

What am I missing?

0 Likes
Marc_Gayle
Shopify Partner
23 2 2

After digging through the code of the Shopify-API gem, it seems clear to me that the Abandoned checkout is not meant to return the `id` attribute when called. It is supposed to return the token.

So to generate the URL for each abandoned token, I had to do something hacky:

<li><%= link_to checkout.id, "https://#{@current_shopify_session.domain}/admin/checkouts/#{checkout.name.gsub("#",'')}", target: "_top" %></li>

Not ideal, but it works for what I want to do.

I still haven't figured out the permissions issue with my Private App though.

0 Likes
Liam
Shopify Staff
Shopify Staff
649 17 241

Hey Marc,

Specific to the permissions issue, our internal dev team have looked at this, and it seems you should be using `ShopifyAPI::AbandonedCheckout` instead of `ShopifyAPI::Checkout`. It seems the gem split abandoned checkout and checkout into 2 separate classes, and the `ShopifyAPI::Checkout` uses a token as a primary ID whereas the `ShopifyAPI::AbandonedCheckout` does not. 

Here are the two files for reference:
https://github.com/Shopify/shopify_api/blob/master/lib/shopify_api/resources/abandoned_checkout.rb

https://github.com/Shopify/shopify_api/blob/master/lib/shopify_api/resources/checkout.rb

And the reference doc for abandoned checkouts is here. Looking into what would be the best practice for generating a URL for each abandoned token. 

Hope this helps,

 

Liam | Developer Community Manager @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

Marc_Gayle
Shopify Partner
23 2 2

Ok perfect. Thanks @Liam. That works like a charm.

I look forward to what you find re: the URL construction.

Also, don't forget what could be causing the error from the main `Checkout` object though, or is that not an allowed endpoint? Or should I not be interacting with `Checkout` at all?

[7] pry(main)> Checkout.count
E, [2021-05-06T07:57:36.132696 #28746] ERROR -- : GET https://myapp.myshopify.com:443/admin/api/2021-04/checkouts/count.json
E, [2021-05-06T07:57:36.132898 #28746] ERROR -- : --> 403 Forbidden 83 (434.3ms)
ActiveResource::ForbiddenAccess: Failed.  Response code = 403.  Response message = Forbidden ([API] This action requires merchant approval for read_checkouts scope.).

  

0 Likes
Liam
Shopify Staff
Shopify Staff
649 17 241

Hey Marc - Unless you're building a sales channel (which I don't think you are) you should not be interacting with the Checkout object at all. 

The checkout object is for this API which doesn't include count as an endpoint. 

 

Cheers,

Liam | Developer Community Manager @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

0 Likes
Marc_Gayle
Shopify Partner
23 2 2

Ahh ok. That makes sense.

Thanks!

0 Likes