error 400 'Required parameter missing or invalid' when generating a storefront access token

Solved
Highlighted
Tourist
7 1 1

I'm trying to make a post request for a storefront access token, but I've been getting the error 'Required parameter missing or invalid'. I'm using axios to make the request, but I'm not sure what could be wrong or missing from the request.

               const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

 

 

 

The accessToken is a permanent one, app is a public sales channel, and I have an unauthenticated scope . I've tried without the "Accept' and "Content-Type" headers and received the same error. I haven't been able to find a concrete code example of this request, so I'm not sure what I'm missing with the documentation alone. If there is anything that I'm missing or anything you think could be wrong please let me know. 

0 Likes
Highlighted
Excursionist
13 1 2

Where are you defining the accessToken variable?

0 Likes
Highlighted
Tourist
7 1 1

It's defined after authentication

afterAuth(ctx) {
                const { shop, accessToken } = ctx.session;


                ctx.cookies.set('shopOrigin', shop, {
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });
                ctx.cookies.set('accessToken', accessToken,{
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });

                const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

                ctx.redirect('/');
            }
0 Likes
Highlighted
Excursionist
13 1 2

Okay

This is where you're getting the shop and accessToken properties:

const { shop, accessToken } = ctx.session

You're accessing the properties via destructuring from the session context ctx.session variable.

Perhaps you can look at ctx.session or just ctx by doing a console.log(ctx) or console.log(ctx.session) in your code and look at the console output in the browser. You're looking for the properties shop & accessToken specifically and their values.

Let me know how that goes and we can go from there.

Mike

0 Likes
Highlighted
Tourist
7 1 1

The values are the same from what I saw in the console.log of ctx.session, but I also saw a value of _expire: 1603756594267 which I assume it was for the access token that is generated. I understand in order to get a storefront-access-token the access token generated at authentication need to be permanent (or offline), but I'm not sure how to tell if it is permanent or not. Although if that was the problem I believe I would receive a response indicating that. I sent my compete authentication code just in case there anything blatantly wrong.

 

 

server.use(
        createShopifyAuth({
            apiKey: SHOPIFY_API_KEY,
            secret: SHOPIFY_API_SECRET_KEY,
            scopes: ['read_products','unauthenticated_read_product_listings'],
            accessMode: 'offline',
            afterAuth(ctx) {
                const { shop, accessToken } = ctx.session;

                ctx.cookies.set('shopOrigin', shop, {
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });
                ctx.cookies.set('accessToken', accessToken,{
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });
                
                const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

                ctx.redirect('/');
            },
        }),
    )

 

 

0 Likes
Highlighted
Shopify Partner
66 5 26

I've had the same exact issue as you: https://community.shopify.com/c/Shopify-APIs-SDKs/storefrontAccessTokenCreate-mutation-always-return...

Shopify Staff answered me, telling me I need to add all `unauthenticated_*` scopes to my Admin API scopes as well. I tried doing that and to no avail. I made sure to reinstall my app to get a fresh access token with these new scopes, but I still couldn't get rid of the unauthenticated error.

0 Likes
Highlighted
Tourist
7 1 1

This is an accepted solution.

I ended up solving the problem. I was missing the body portion that was mentioned in the documentation where the title would be added . Here's my code using axios in javascript for anyone that could use an example. 

                const Url = 'https://' + shop + '/admin/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },
                    data: {
                        storefront_access_token: { title: 'Test2' }
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });