A space to discuss GraphQL queries, mutations, troubleshooting, throttling, and best practices.
Hi,
I am trying to get order data using:
app.get("/api/orders", async (_req, res) => {
const data = await shopify.api.rest.Order.all({
session: res.locals.shopify.session,
status: "any",
fields: "total_price, id, processed_at",
});
res.status(200).json(data);
});
"[API] This app is not approved to access REST endpoints with protected customer data.
I checked the protected columns, it's none of the field above.
I have added read_all_orders into my scope.
Any idea why? What am I missing here?
Thanks in advance!
Hiya,
I had the same issue and I'm not 100% sure but I think your development app isn't approved to access customer data like another other app unless you request access to it and have good reason to access it. This can be done in the app settings in partner dashboard. However, i don't know what's involved in that process and imagine they wouldn't approve a dev app.
My solution was to deploy/install my app to an actual store as a private app (i forget the actual terminology for this and the partner dashboard is currently down so I can't check, but it's in the app settings). I assume that because it's a private app there is no concern around access to customer data, because it's only for one customer. Whatever the reason, once I installed the app in my actual store it worked. Perhaps you can do the same with a test store?... I haven't tried.