API: 403 'Forbidden' response after a call to a Shopify 'canary' server

API: 403 'Forbidden' response after a call to a Shopify 'canary' server

Richard33
Visitor
2 0 0

We have an in-house app that uses the Shopify API.
We use it to fulfil orders.


Lately, when we try to fulfil an order, we get an error response:
403 Forbidden
forbidden error.jpg

For every order, we get this response 4-5 times, and then it works!

 

Successful fulfilment

During a successful fulfilment, there are these calls:

  • GET /admin/api/2023-04/locations.json
  • GET /admin/api/2023-04/orders/xxxxxxxxxxxxx/fulfillment_orders.json
  • POST /admin/api/2023-04/fulfillments.json

A successful fulfilment also contains the header response:

X-Shopify-Stage: production


Unsuccessful fulfilment

An unsuccessful fulfilment only has the first call:

  • GET /admin/api/2023-04/locations.json

This call is successful, but during the next one, get the above '403 Forbidden' error message

However the header response is different:

X-Shopify-Stage: canary

Observations

We can infer that the problem may be when Shopify returns a response from

X-Shopify-Stage: canary

instead of

X-Shopify-Stage: production

then the subsequent call fails.


We can also infer that the problem occurs in the call to

GET /admin/api/2023-04/orders/xxxxxxxxxxxxx/fulfillment_orders.json

 

API Error 1.jpg

Replies 2 (2)

lizk
Shopify Staff
246 58 79

Hi there 👋

Would you have the X-request-id for any of these failing requests that have happened in the last 24 hours?

To learn more visit the Shopify Help Center or the Community Blog.

Richard32
Shopify Partner
3 0 3

In the above 'successful' fulfilment with a call to 

  • GET /admin/api/2023-04/locations.json

with a response from 

X-Shopify-Stage: production

..had this X-Request-ID:
X-Request-ID: 063b31c7-8e00-4ebb-81d3-8178f19fab1e

 

In the above 'unsuccessful' fulfilment with a call to 

  • GET /admin/api/2023-04/locations.json

with a response from 

X-Shopify-Stage: canary

..had this X-Request-ID:

X-Request-ID: 12a8c001-4979-4a38-a944-df20d31ac0eb