Have your say in Community Polls: What was/is your greatest motivation to start your own business?
Our Partner & Developer boards on the community are moving to a brand new home: the .dev community forums! While you can still access past discussions here, for all your future app and storefront building questions, head over to the new forums.

How to get access to the new Storefront API?

How to get access to the new Storefront API?

Jerome6
Visitor
2 0 3

I am trying to play around with the Storefront API that was announced last week at the Shopify Unite conference.

Using the traditional Shopify API in my toy app, when I do:

ShopifyAPI::StorefrontAccessToken.create(title: 'test')

I get this error:

ActiveResource::ForbiddenAccess: Failed.  Response code = 403.  Response message = Forbidden.

Do I need to change a setting in my app, or to request a special access? It is not mentioned in the documentation how to get any authorization.

Replies 11 (11)

Joe63
Shopify Partner
9 0 0

Hi Jerome

If you go to this page  https://help.shopify.com/api/storefront-api/getting-started#accessing-the-storefront-graphql-endpoin... and then under the "obtaining a storefront access token" I think you will just have to edit your current app to have the below.

In the Custom Storefront section, be sure to select Allow this app to access data from your storefront.

Hope that helps

Joe

Jerome6
Visitor
2 0 3

Hi Joe,

That would work for a private app. For my use case though, I am trying to work on a public app. 🙂

The "Obtaining a Storefront Access Token" section that you point out has two sets of instructions, one for private apps, with the instructions you gave me above.

The other set of instructions are toggled when I click on the "Via the REST API" button, which I assume is for public apps:

  1. Make sure you have the credentials necessary to make authenticated requests to the Shopify API.
  2. Create your Storefront Access Token as described in the reference here.

When I try to create the token, I get the error mentioned in my original post.

pxue
Shopify Partner
7 0 1

Similar issue. Any luck?

Muthu_Somasund1
Shopify Partner
37 0 4

Same issue here also. Any information? I think this API belongs to sales channel SDK.

thung
Tourist
3 0 4

im having the same issue

Mark_Gaensicke
Shopify Partner
3 0 2

I'm encountering the same issue, any solution yet?

Jamie_D_
Shopify Staff (Retired)
533 1 92

Hey all,

In order to successfully create a Storefront Access Token, your application must request one of the following scopes during OAuth:

* unauthenticated_read_product_listings
* unauthenticated_read_collection_listings
* unauthenticated_write_checkouts
* unauthenticated_write_customers

The Storefront Access Token will inherit any unauthenticated scopes from the access token that was used to created it.

An unauthenticated scope represents a level of access appropriate for an unauthenticated user, such as a customer on a storefront.

If you attempt to request a Storefront Access Token without having such a scope, you'll currently receive a 403 Forbidden error response.

Hope this helps to clear things up.

To learn more visit the Shopify Help Center or the Community Blog.

dylanpierce
Shopify Partner
288 14 124

@Jamie_D_ thanks for providing some ways to troubleshoot creating Storefront Access Tokens, I have a public app in testing and I've tried including all of the unauthenticated access scopes but still am receiving a 401 on the `storefront_access_token.json` creation endpoint. 

 

I've also tried turning my app into a sales channel and vice versa. Are storefront access tokens only available to private apps?

 

https://community.shopify.com/c/Shopify-APIs-SDKs/Clarification-on-rules-for-creating-Storefront-Acc...

Founder of Real ID - Verify your customer's real IDs easily & securely with modern A.I.

Want to see it in action? Check out our demo store.

Big_Van_Studio1
Shopify Partner
18 0 1

Hi Dylan..

I am facing the same issue.. How did you solve it?

Thanks in advance for any help..

Best

 

Mark_Gaensicke
Shopify Partner
3 0 2

Thanks for your help, your solution worked. I didn't realize that those scopes had been added to the regular scopes, I imagined they would only be available for the acces token.

However, after I got my access token, I can't use it to request information from GraphQL. Whenever I try to use it, I get a `Bad request` with the error message `SyntaxError: Unexpected token < in JSON at position 1`. When I use the token available in the specific store settings, I can get results with the same query. Any help on that?

nsbup16
Shopify Partner
4 0 7

i have the same problem !!

converted to sales channel then provided unauthenticated scopes to the app then reinstalled

after that creating storefront access token still get403 error