Access denied for productUpdate field. Required access: `write_products` access scope.

IndikaDev · ‎01-25-2023

Hello I am trying to create a metafield on my products by following this article link .

I am running the following graphql queries on Admin API to create a metafield.

mutation ($input: ProductInput!) {
  productUpdate(input: $input) {
    product {
      metafields(first: 100) {
        edges {
          node {
            namespace
            key
            value
          }
        }
      }
    }
  }
}

{
  "input" : {
    "id": "gid://shopify/Product/8068524540191",
    "metafields": [
      {
        "namespace": "instructions",
        "key": "wash",
        "value": "cold wash",
        "type": "single_line_text_field"
      }
    ]
  }
}

but getting the error

{
  "data": {
    "productUpdate": null
  },
  "errors": [
    {
      "message": "Access denied for productUpdate field. Required access: `write_products` access scope. Also: The user must have a permission to update products.",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "productUpdate"
      ],
      "extensions": {
        "code": "ACCESS_DENIED",
        "documentation": "https://shopify.dev/api/usage/access-scopes",
        "requiredAccess": "`write_products` access scope. Also: The user must have a permission to update products."
      }
    }
  ],
  "extensions": {
    "cost": {
      "requestedQueryCost": 112,
      "actualQueryCost": 10,
      "throttleStatus": {
        "maximumAvailable": 1000,
        "currentlyAvailable": 990,
        "restoreRate": 50
      }
    }
  }
}

I have provided the access scopes for admin API configuration

also when I am running this query

{
    currentAppInstallation {
        accessScopes {
            handle
        }
    }
}

I am getting this response

{
  "data": {
    "currentAppInstallation": {
      "accessScopes": [
        {
          "handle": "read_content"
        },
        {
          "handle": "read_products"
        },
        {
          "handle": "unauthenticated_read_product_listings"
        },
        {
          "handle": "unauthenticated_read_product_tags"
        },
        {
          "handle": "unauthenticated_write_checkouts"
        },
        {
          "handle": "unauthenticated_write_customers"
        },
        {
          "handle": "unauthenticated_read_customer_tags"
        },
        {
          "handle": "unauthenticated_read_content"
        },
        {
          "handle": "unauthenticated_read_checkouts"
        },
        {
          "handle": "unauthenticated_read_customers"
        }
      ]
    }
  },
  "extensions": {
    "cost": {
      "requestedQueryCost": 2,
      "actualQueryCost": 2,
      "throttleStatus": {
        "maximumAvailable": 1000,
        "currentlyAvailable": 998,
        "restoreRate": 50
      }
    }
  }
}

Needed Help!!!!

ShopifyDevSup · ‎01-25-2023

Hi @IndikaDev 👋

Would you please try the same mutation in the below curl request instead? I've seen this be an issue when apps incorrectly reference the Storefront API endpoint rather than the Admin API.

curl -L -X POST 'https://STORE-NAME.myshopify.com/admin/api/2023-01/graphql.json' \
-H 'X-Shopify-Access-Token: ADMIN-ACCESS-TOKEN' \
-H 'Content-Type: application/json' \
--data-raw '{"query":"mutation ($input: ProductInput!) { productUpdate(input: $input) { product { metafields(first: 10) { nodes { namespace key value } } } } }","variables":{"input":{"id":"gid://shopify/Product/6795723079798","metafields":[{"namespace":"instructions","key":"wash","value":"cold wash","type":"single_line_text_field"}]}}}'

Developer Support @ Shopify
- Was this reply helpful? Click Like to let us know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

View solution in original post

ShopifyDevSup · ‎01-25-2023

Hi @IndikaDev 👋

Would you please try the same mutation in the below curl request instead? I've seen this be an issue when apps incorrectly reference the Storefront API endpoint rather than the Admin API.

curl -L -X POST 'https://STORE-NAME.myshopify.com/admin/api/2023-01/graphql.json' \
-H 'X-Shopify-Access-Token: ADMIN-ACCESS-TOKEN' \
-H 'Content-Type: application/json' \
--data-raw '{"query":"mutation ($input: ProductInput!) { productUpdate(input: $input) { product { metafields(first: 10) { nodes { namespace key value } } } } }","variables":{"input":{"id":"gid://shopify/Product/6795723079798","metafields":[{"namespace":"instructions","key":"wash","value":"cold wash","type":"single_line_text_field"}]}}}'

Developer Support @ Shopify
- Was this reply helpful? Click Like to let us know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

IndikaDev · ‎01-28-2023

Thanks, it worked, don't know why graphiql was not working!!!

sarmadkamal · ‎05-31-2023

Hey, I am getting similar error while creating product which is bundle of more than one product but it says I don't have access of write_product but i have granted all access of product creation and edit product Here is my GrapQL Query
mutation {
productCreate(input: {
title: "Our first bundle ",
handle: "bundle-product",
productType: "bundle",
vendor: "bundle",
tags: "bundle",
variants: [
{ price: 120, sku: "gid://shopify/Product/4517844877425" },
{ price: 110, sku: "gid://shopify/Product/4517845500017" },
{ price: 100, sku: "gid://shopify/Product/4517865291889" }
]
}) {
product {
id
title
handle
productType
vendor
publishedAt
tags
variants(first: 3) {
edges {
node {
id
price
sku
}
}
}
}
}
}

and here is the response

{
"data": {
"productCreate": null
},
"errors": [
{
"message": "Access denied for productCreate field. Required access: `write_products` access scope. Also: The user must have a permission to create products.",
"locations": [
{
"line": 2,
"column": 7
}
],
"path": [
"productCreate"
],
"extensions": {
"code": "ACCESS_DENIED",
"documentation": "https://shopify.dev/api/usage/access-scopes",
"requiredAccess": "`write_products` access scope. Also: The user must have a permission to create products."
}
}
],
"extensions": {
"cost": {
"requestedQueryCost": 15,
"actualQueryCost": 10,
"throttleStatus": {
"maximumAvailable": 1000,
"currentlyAvailable": 990,
"restoreRate": 50
}
}
}
}

can you suggest any solution also can you suggest that my GraphQL query is correct which make bundle of product and deal as single product

Charles_Roberts · ‎03-12-2024

Can you explain why this is the accepted solution?

ShopifyDevSup · ‎03-14-2024

Hey @Charles_Roberts,

An app can have both Admin and Storefront API scopes granted, however those APIs are accessible on different endpoints.

When the OP shared the response from their query for AppInstallation.accessScopes and only Storefront API permissions were returned it seemed most likely that they had the wrong endpoint for updating products with the GraphQL Admin API.

Since they mentioned that they were using the GraphiQL app, it's possible that the wrong API Schema was selected in the tool.

Hope that helps!

Developer Support @ Shopify
- Was this reply helpful? Click Like to let us know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit Shopify.dev or the Shopify Web Design and Development Blog