A space to discuss GraphQL queries, mutations, troubleshooting, throttling, and best practices.
Hi,
I need some help please. I’m a Shopify developer and the Shopify App Store audits told me that “Your app is requesting scopes that aren't in use…”. I understand what it means, but I’m 100% sure that I did not request scopes that are not necessary. The unused scopes they listed are read_inventory, read_locations, and write_themes. On our end, this is the code that we have and the scopes that we request.
config.omniauth :shopify, ENV['SHOPIFY_key'], ENV['SHOPIFY_secret'],
{:scope => 'read_products, write_script_tags, read_orders',
:setup => lambda { |env|
params= Rack::Utils.parse_query(env['QUERY_STRING'])
site_url= "https://#{params["shop"]}"
env['omniauth.strategy'].options[:client_options][:site] =site_url}
}
As you can see under scope requested, we only ask for 'read_products, write_script_tags, read_orders' and all three are needed.
Why is the auditor saying that I am requesting for other scopes? Am I missing something?
Any help is much appreciated. Thank you.