Dedicated to the Hydrogen framework, headless commerce, and building custom storefronts using the Storefront API.
Hello!
i have been posting this issue over two week but no one can anser the questions.
i have an app it is public not private !
I use some variables for Admin side it works perfect!
url : /admin/api/2020-07/graphql.json
if (!is_null($token)) $request_headers[] = "X-Shopify-Access-Token: " . $token;
$request_headers[] = "Accept: application/json";
$request_headers[] = "Content-Type: application/json";
$request_headers[] = "Host: ".$shop;
$request_headers[] = "cache-control: no-cache";
--->OK
$token variable is access key for shopify user who installs the app and i get the key durring installation.
I know it is different options for public app to use graphql api so i use same token for strofront!
url : /api/2020-07/graphql.json
if (!is_null($token)) $request_headers[] = "X-Shopify-Storefront-Access-Token: " . $token;
$request_headers[] = "Accept: application/json";
$request_headers[] = "Content-Type: application/json";
$request_headers[] = "Host: ".$shop;
$request_headers[] = "cache-control: no-cache";
----> NOT OK!
response return empty and response code is 403
i did not understand what shopfy means in the documantation about "X-Shopify-Storefront-Access-Token"
i do not see any spesific key for this method. by the way my app is not in sale channel.
one test store installed the app and i am using access key for that store in $token; variaable.
if you ask where do i generate $token; variable, here is the answer:
//$access_token is equals $token variable.
however, i cannot access data with graphql api for storefront api
please help me to solve this problem..
Thank you!
{
"headers":{
"status":"HTTP\/1.1 403 Forbidden\r",
"Date":"Sun, 23 Aug 2020 15",
"Content-Type":"text\/html",
"Transfer-Encoding":"chunked",
"Connection":"keep-alive",
"Set-Cookie":"__cfduid=dee7e7fedaf75df668529f0e99dc68a061598197281; expires=Tue, 22-Sep-20 15",
"X-Sorting-Hat-PodId":"148",
"X-Sorting-Hat-ShopId":"45358055573",
"Vary":"Accept-Encoding",
"Access-Control-Allow-Origin":"*",
"X-Frame-Options":"DENY",
"X-ShopId":"45358055573",
"X-ShardId":"148",
"Content-Language":"tr",
"Strict-Transport-Security":"max-age=7889238",
"X-Request-Id":"d2881d60-818e-49a1-a648-31f9ebd9fdd7",
"X-Shopify-Stage":"production",
"Content-Security-Policy":"frame-ancestors 'none'; report-uri \/csp-report?source%5Baction%5D=query&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=api%2Fgraphql&source%5Bsection%5D=api&source%5Buuid%5D=d2881d60-818e-49a1-a648-31f9ebd9fdd7",
"X-Content-Type-Options":"nosniff",
"X-Download-Options":"noopen",
"X-Permitted-Cross-Domain-Policies":"none",
"X-XSS-Protection":"1; mode=block; report=\/xss-report?source%5Baction%5D=query&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=api%2Fgraphql&source%5Bsection%5D=api&source%5Buuid%5D=d2881d60-818e-49a1-a648-31f9ebd9fdd7",
"X-Dc":"gcp-us-east1,gcp-us-east1",
"CF-Cache-Status":"DYNAMIC",
"cf-request-id":"04bd944a8500000f72df2e0200000001",
"Expect-CT":"max-age=604800, report-uri=\"https",
"Server":"cloudflare",
"CF-RAY":"5c75eff0db4b0f72-MXP",
"alt-svc":"h3-27=\""
},
"response":""
}
Hey @Aljazari
You might want to check out this documentation on getting the storefront access token: https://shopify.dev/docs/storefront-api/getting-started, specifically the part for public apps.
Kevin_A | Solutions Engineer @ Shopify
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit Shopify.dev or the Shopify Web Design and Development Blog