Retrieving OAuth access token endpoint possibly being blocked

Shopify Partner
3 0 0


We're currently developing an integration with Shopify for our company but we're having some issues retrieving the OAuth access token. I suspect this might be because the `https://$` endpoint is inaccessible to our servers.

The reason I think this might be the case is because it works as expected if we make a direct call to the endpoint it works as expected. I have omitted the initial steps to get the authorisation token:


> -H "Content-Type: application/x-www-form-urlencoded" \
> --data-urlencode "code=17aa3cd463105fcf634964a78a62aa2c" \
> --data-urlencode "client_id=8715caaa52f9066e8e155XXXXXXXXXXX" \
> --data-urlencode "client_secret=shpss_45d4746a2f4ba584f268XXXXXXXXXXX"
HTTP/2 200 


 I also tried running our internal OAuth service locally and made the call through there - this also worked as expected.

However, when we try to perform exactly the same steps on our test environment we get the following response:


<head><title>403 Forbidden</title></head>
<center><h1>403 Forbidden</h1></center>


I was wondering whether perhaps our servers IP ranges need to be added to an allow-list or similar?

I also get a `Too Many Requests` message whenever I try to login to `` when connecting through our company VPN - I'm not sure if this is related or not.

Many Thanks,

Replies 0 (0)