storefrontAccessTokenCreate mutation always returns "Access Denied"

tolgapaksoy
Shopify Partner
67 5 32

I am working on an app that also requires a storefront access token. I am setting it up to create an access token when the app is logged into.

But it always returns an error:

mutation storefrontAccessTokenCreate($input: StorefrontAccessTokenInput!) {
  storefrontAccessTokenCreate(input: $input) {
    storefrontAccessToken {
      accessToken
    }
    userErrors {
      field
      message
    }
  }
}

And variables:

{
	"input": {
    "title": "Test name"
  }
}

Which outputs:

{
  "data": {
    "storefrontAccessTokenCreate": null
  },
  "errors": [
    {
      "message": "StorefrontAccessTokenCreate access denied",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "storefrontAccessTokenCreate"
      ]
    }
  ],
  "extensions": {
    "cost": {
      "requestedQueryCost": 10,
      "actualQueryCost": 10,
      "throttleStatus": {
        "maximumAvailable": 1000.0,
        "currentlyAvailable": 990,
        "restoreRate": 50.0
      }
    }
  }
}

 

Do I need a special scope to call storefrontAccessTokenCreate? If yes, then this isn't documented at all on pages https://shopify.dev/docs/admin-api/graphql/reference/mutation/storefrontaccesstokencreate?api[versio... and https://shopify.dev/docs/admin-api/access-scopes .

0 Likes
tolgapaksoy
Shopify Partner
67 5 32

Here's the X-Request-ID: 657060d8-01ec-46b2-a5bf-a76a83cf2a22

0 Likes
_JB
Shopify Staff
Shopify Staff
750 86 163

Hey @tolgapaksoy,

You need to request the unauthenticated scopes during Oauth. Details are in the docs you linked: https://shopify.dev/docs/storefront-api/getting-started#requesting-unauthenticated-scopes

JB | Developer Support @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

0 Likes
tolgapaksoy
Shopify Partner
67 5 32

Hi @_JB 

So in order to create a Storefront token from the Admin API, I need to include all scopes from Storefront token also in my OAuth scopes for Admin API?

I just tried doing that with Request 29f77578-0646-4efe-80c3-65f03a8cb79a and it still gives me the same error.

0 Likes
_JB
Shopify Staff
Shopify Staff
750 86 163

Hey @tolgapaksoy,

I just pulled up that request but I'm still not seeing the unauthenticated scopes. The scopes I'm referring to all begin with the word unauthenticated, full list can be found here.

Keep in mind that if you're testing on a shop where the app was installed previously, you'll need to update the scopes first. You can do this by deleting the app and requesting the new scopes during install, or redirect the user back to Oauth with the new scopes included in the URL.

JB | Developer Support @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

0 Likes