Storefront API mutate metafields OR metaobjects


belazaras
Shopify Partner

Is there a way of mutating (creating or updating) metafields for Customers or any other place where I can write info to? The customerUpdate mutation won't receive a metafields argument. There's the cartMetafieldsSet mutation but that doesn't really work.

Also there's no way of writing Metaobjects?

I just want to save some preferences into the user's account.


kjchabra
Shopify Partner

@belazaras To update customer metafields you need to make a request to Shopify's Admin API via metafieldsSet. Depending on where your headless site is hosted, you will need to set up a server API endpoint that accepts the user ID and metafield value as payload. Once the payload is received, you can call the Admin metafield endpoint with the payload (see link for what your mutation needs to look like). Please ensure that the Admin API secret is not exposed to the users of the site, which is why a server API endpoint is needed. You can possibly do the same to write a Metaobject as well.

However, this doesn't guarantee that the user submitting the request is the same customer that the fields are being updated for. For example, anyone can go on your site, call the server endpoint, and pass in a payload of random user IDs and metafield values.

 

To create an authenticated request to the endpoint, it's probably best to use the Storefront API and call the customerAccessTokenCreate mutation for the user to log in. The token contains the value of who the user is, and you can pass the token together with the metafield value as the payload to your server endpoint. This way you can ensure that the user making the request is the same customer that the fields need to be updated for. So the steps to make this possible would be:

1. Create a customer access token when the user logs in.

2. If successful, capture the customer access token and store it in local storage.

3. Send the customer access token to the server endpoint with the metafield value.

4. The server endpoint verifies the token and gets the customer details using the customer query.

5. If the customer is valid, the logic in the endpoint then calls the Admin API and updates the customer's metafield or metaobject. (The Admin API has its own rate limiting, so just be careful of how many times the endpoint calls the Admin API.)

 

Alternatively, you can use our Clouver app, which sets up the whole infrastructure required to make this use case possible. We saw the same challenges and decided to create an app that makes the update possible without much hassle. It even handles API rate limiting for the Admin API. The app, once deployed, displays a storefront token and an endpoint that you can make POST requests to with a valid payload.

The implementation of the app is meant to update customer metafield values for Shopify's theme build; however, you can still use a headless site to make the calls to the endpoint. You do need an AWS account to set this up, and instructions on how to use it with headless are also documented.

 

Hope this helps and happy to answer any questions you may have.

 

Thanks

KJ
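
Steps 3 to 5 of the reply above as a server-side handler. This is an added example, not code from the thread, Shopify, or the Clouver app. The names `makeHandler`, `cfg`, `ALLOWED_KEYS` and the `prefs` namespace are hypothetical, and it assumes the Storefront `customer.id` is the same GID the Admin API accepts as `ownerId`.

```javascript
// Added example. Hypothetical names: makeHandler, cfg fields, ALLOWED_KEYS, "prefs".
// cfg.shop / cfg.apiVersion / tokens are placeholders supplied by the server's own config.
const ALLOWED_KEYS = new Set(["newsletter_frequency", "preferred_language"]);

async function gql(fetchImpl, url, headers, query, variables) {
  const res = await fetchImpl(url, {
    method: "POST",
    headers: { "Content-Type": "application/json", ...headers },
    body: JSON.stringify({ query, variables }),
  });
  if (!res.ok) throw new Error(`GraphQL HTTP ${res.status}`);
  return (await res.json()).data;
}

function makeHandler(cfg, fetchImpl = fetch) {
  const base = `https://${cfg.shop}`;
  return async function handle({ customerAccessToken, key, value }) {
    // Reject anything this endpoint was not built to write.
    if (typeof customerAccessToken !== "string" || !ALLOWED_KEYS.has(key) ||
        typeof value !== "string" || value.length > 255) {
      return { status: 400, error: "invalid payload" };
    }
    // Step 4: resolve the token to a customer through the Storefront API.
    const who = await gql(fetchImpl, `${base}/api/${cfg.apiVersion}/graphql.json`,
      { "X-Shopify-Storefront-Access-Token": cfg.storefrontToken },
      "query($t: String!) { customer(customerAccessToken: $t) { id } }",
      { t: customerAccessToken });
    if (!who || !who.customer) return { status: 401, error: "invalid customer token" };
    // Step 5: ownerId comes from the verified token, never from the request body.
    const out = await gql(fetchImpl, `${base}/admin/api/${cfg.apiVersion}/graphql.json`,
      { "X-Shopify-Access-Token": cfg.adminToken },
      `mutation($m: [MetafieldsSetInput!]!) {
         metafieldsSet(metafields: $m) { metafields { id } userErrors { field message } }
       }`,
      { m: [{ ownerId: who.customer.id, namespace: "prefs", key, value,
              type: "single_line_text_field" }] });
    const errs = out.metafieldsSet.userErrors;
    return errs.length ? { status: 422, error: errs[0].message } : { status: 200 };
  };
}
```

Because the handler never reads a customer ID from the payload, a caller can only write to the account its own token resolves to, which closes the gap described in the reply's second paragraph.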