A space to discuss GraphQL queries, mutations, troubleshooting, throttling, and best practices.
When a private app is connected we want to check if it has the right access scopes. We're currently making a call to the endpoint `/admin/oauth/access_scopes.json` but the response we're getting doesn't make sense.
curl https://xxx:[email protected]/admin/oauth/access_scopes.json{"access_scopes":[{"handle":"read_products"},{"handle":"read_product_listings"},{"handle":"write_customers"},{"handle":"write_checkouts"},{"handle":"read_content"},{"handle":"read_customers"},{"handle":"read_checkouts"}]}
curl https://xxx:[email protected]/admin/api/2020-10/customers.json{"errors":"[API] This action requires merchant approval for read_customers scope."}%
This issue should now be resolved, but there could however be store front api related scopes (starting with unauthenticated) returned on existing private apps created prior to today. Despite returning these store front api related scopes, the private app will not have access to the store front api. A maintenance job might be deployed to correct the store front api scopes on existing private apps.
Regards,
John
John C | Developer Support @ Shopify
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit Shopify.dev or the Shopify Web Design and Development Blog