Focuses on API authentication, access scopes, and permission management.
I'm working on an admin.order-details.action.render which needs to make a call to my app. I'm following the instructions at https://shopify.dev/docs/api/admin-extensions#app-authentication when making the fetch call, but NO Authorization header makes it to my app server. I have tried the call with both fetch(/path) and fetch(app:/path). Both of these methods make the request to my app server, but neither send an Authorization header so my app's calls to authenticate.admin(request) fail.
Am I missing something? Do authenticated requests only work for blocks and not actions?
Solved! Go to the solution
This is an accepted solution.
I am not sure what happened, but now I am getting the header.
FYI to test, I changed my action to a block and still do not get the Authorization header passed.
This is an accepted solution.
I am not sure what happened, but now I am getting the header.
Is there a way to manually manage session tokens in the admin action/block extensions? I am trying to hit a server of mine that is not my app server, so to authenticate, I need to. have the session token. I don't see any API to getSessionToken from within admin-ui-extensions, can you offer some insights into this?
The issue is that Shopify fetch will not attach an Authorization header to an end point that is not using HTTPS
So ensure whatever end point ( URL ) you are making a request to using fetch is HTTPS so Shopify interceptor can add the Authorization header