What does the read_only_own_orders permission actually do?

Solved
davidyzeng
Shopify Partner
6 2 1

Hi, I'm building a sales channel app and part of the requirements is that

The "read_only_own_orders" scope is added by the review team during the approval process and ensures that a channel can only read the orders it created.

However, searching for this string, it seems like the only time it appears on the entire internet is on the "Getting your app approved/App requirements" page https://shopify.dev/concepts/app-store/getting-your-app-approved/app-requirements#d-checkouts

 

What are the actual implications of this permission and how should we interpret it? Like should it be basically interpreted as "read_orders" but Shopify will do some filtering of the webhooks and orders before they reach us to only trigger the webhooks for our own orders and to only let us read our own orders for the sales channel? 

0 Likes
_JB
Shopify Staff
Shopify Staff
750 87 165

This is an accepted solution.

Hey @davidyzeng,

 

Like should it be basically interpreted as "read_orders" but Shopify will do some filtering of the webhooks and orders before they reach us to only trigger the webhooks for our own orders and to only let us read our own orders for the sales channel?

This is correct.

 

 

The read_only_own_orders permission ensures that a sales channel can only see orders created by that channel. This includes using the orders endpoint as well as webhooks, with this permission enabled you will only receive webhooks related to orders created by your channel, and any calls to the orders endpoint will only include orders created by your channel.

JB | Developer Support @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

mapery
New Member
3 0 0

@_JB, if an app wants to send a customer straight to a new checkout after they have made a purchase (for an upsell offer, for example), is that effectively impossible? To be able to create the new checkout, the app has to be a sales channel. But if the app is a sales channel, it can’t read the first order in the first place.

 

Is that correct?

0 Likes