Revoke payment method permissions not working.

Solved
eat_to_evolve
Tourist
5 0 1

Hello, I am trying to make this call

https://shopify.dev/docs/admin-api/graphql/reference/customers/customerpaymentmethodrevoke

{
"customerPaymentMethodId" : "gid://shopify/CustomerPaymentMethod/bcdbf2bd274d93a7dd71b41d02c1961a"
}
mutation customerPaymentMethodRevoke($customerPaymentMethodId: ID!) {
  customerPaymentMethodRevoke(customerPaymentMethodId: $customerPaymentMethodId) {
    revokedCustomerPaymentMethodId
    userErrors {
      field
      message
    }
  }
}

 and my access token has these scopes, 

'read_products',
'write_products',
'read_orders',
'read_customers',
'write_customers',
'read_customer_payment_methods',
'write_customer_payment_methods',
'write_own_subscription_contracts',
'read_own_subscription_contracts',

but when I try to run that mutation, i get

    "errors": [
        {
            "message": "CustomerPaymentMethodRevoke access denied",
            "locations": [
                {
                    "line": 2,
                    "column": 3
                }
            ],
            "path": [
                "customerPaymentMethodRevoke"
            ]
        }
    ],

 I am able to run the 

customerPaymentMethodSendUpdateEmail mutation just fine with the same access token, on the docs it says they require the same scopes.
0 Likes
yalshekerchi
Shopify Staff
Shopify Staff
1 1 1

This is an accepted solution.

Hello,

Thank you for you question!

The customerPaymentMethodRevoke requires the write_customer_payment_methods scope, while the customerPaymentMethodSendUpdateEmail does not require it. This may be the reason why only one of the two mutations is working with your access token.

I sent you a message requesting additional details to confirm that the permission has been granted for the scope.