Focuses on API authentication, access scopes, and permission management.
I have created an app in the Shopify partner dashboard and I have made it a public sales channel app. On a test store, which I am the owner of, I am trying to create a checkout and then get access to the webUrl that is returned. I have authenticated with OAuth and can confirm that I can get products using the generated access_token on my custom app. I have the permission write_checkouts includes in the scopes. I also have every other scope included just for testing. However, every time I try to call the create checkout endpoint with the admin api and those credentials all it returns is 403: forbidden. What step am I missing? I following everything and double checked that it is all correct. What can I do?
If anyone is reading this, I fixed my issue. You have to go into Protected Customer Data Access and I basically just selected all of them and answered all the questions. The docs that I found are not very clear on the need to do this in my opinion and i thought test apps would already have some of these privileges.