Focuses on API authentication, access scopes, and permission management.
I got this error to fetch orders with '@shopify/koa-shopify-auth'from a PUBLIC app.
Uncaught (in promise) Error: GraphQL error: Access denied for orders field.
The query is like this.
orders(first: 10, after: $cursor, query: $query, reverse: true) {
edges {
cursor
node {
currentTotalPriceSet {
presentmentMoney {
amount
currencyCode
}
}
tags
}
}
pageInfo {
hasNextPage
}
}
with $query like this
let query = campaigns
.map((campaign) => `tag:'FreeGiftCampaignId: ${campaign.id}'`)
.join(" OR ");
I added reverse: true, and the scopes are correctly set
SCPOPES: read_orders,read_all_orders,write_orders,read_products,read_discounts,write_discounts,write_script_tags
Also the app has been approved for read_all_orders
The strange thing about this issue is that it's not happening to every merchant only some of them have this issue
if i query the scopes for a failing merchant (just before the failing call) i got this which seems totaly fine
[
{
"handle": "read_all_orders"
},
{
"handle": "write_orders",
},
{
"handle": "read_products",
},
{
"handle": "write_discounts",
},
{
"handle": "write_script_tags",
},
{
"handle": "read_orders",
},
{
"handle": "read_discounts",
},
{
"handle": "read_script_tags",
}
]
also the 2 preceding calls which get a product and a collection fails with thoses errors
message: "Product access denied"
message: "Collection access denied"
So it definitely seems like a scope issue.
but what i am not getting is:
Hey, I want to check out did you solved this problem. I'm trying to create an app where I will print orders but I got the error "Access denied for orders field."
I change the scope of shopify.app.toml file, I don't know did I miss something?
Hey @TanjaCodi ,
Thanks for sharing that you've updated the toml file. After updating the scopes, did you re-authenticate the shop you are testing on?
You can confirm if they were applied properly with a query on the app installation: https://shopify.dev/docs/api/admin-graphql/2024-04/objects/AppInstallation#field-appinstallation-acc...
If not, I would try deploying again. If you're using the CLI, run the app deploy command, and then the next time you run the app, it should direct you to the authorization screen to accept the new scopes.
The guide for above is here: https://shopify.dev/docs/apps/auth/installation
Alternatively, you can use the steps here within the authorized code grant guide: https://shopify.dev/docs/apps/auth/get-access-tokens/authorization-code-grant/getting-started#step-7...
Hope that helps!
- Kyle G.
Developer Support @ Shopify
- Was this reply helpful? Click Like to let us know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit Shopify.dev or the Shopify Web Design and Development Blog
Hello @ShopifyDevSup I try everything bit I can't deploy it because my app do not have access for read_all_orders. At the end I figured out that for this you need to request access for read orders. I am waiting for access from Shopify partner support so that I can see is it working or not. But thank you for your answer.