Post metafields to shopify admin API

Leonardo1
Visitor
3 0 0

I´m trying to save customers metafields using the shopify admin api, i´m using this code

var data = {
    "metafield": {
        "namespace": "test",
        "key": "testkey",
        "value": "lorem ipsum",
        "value_type": "string"
    }
}
var xhr = new XMLHttpRequest();
xhr.open("POST", "/admin/customers/0000000000/metafields.json", true);
xhr.withCredentials = true;
xhr.setRequestHeader("Authorization", 'Basic ' + btoa('myuser:mypass'));
xhr.setRequestHeader("Content-Type", "application/json");
xhr.onload = function () {
    console.log(xhr.responseText);
};
xhr.send(JSON.stringify(data)); //RETURNS A CODE 301 WITHOUT RESPONSE MESSAGE
xhr.send(data); //RETURNS A CODE 400 WITH "error 419: unexpected token at 'object Object]'" MESSAGE

Please tell me What I missing?

Thanks a lot

Replies 4 (4)

Jason
Shopify Expert
11190 225 2283

Why are you posting to the API with JavaScript? This makes me nervous since you'd be exposing the authentication details.

The API will reject requests that send cookies - something this call in the browser will be doing. 

Can you give more context on how you are making this call?

★ I jump on these forums in my free time to help and share some insights. Not looking to be hired, and not looking for work. http://freakdesign.com.au ★

Leonardo1
Visitor
3 0 0
Hi Jason, thanks for replying, I was actually just doing some proof of concept.
The need that I have is to save data for customers to manage a personalized list, for this reason, I need to save that data somewhere.

What options do you recommend to do that?? I was reading documentation to connect my store to an external application developed in php but shopify blocks the requests to external domains.

I was also reading the storefront api, but I do not see anywhere that would allow the saving of metafields for users

Thanks again

Jason
Shopify Expert
11190 225 2283

The idea of storing extra information on the customer makes sense if you then need to use that info in Liquid. If it's just data to be used in the business in other ways I'd first ask should this data even be in a metafield.

If it does need to be used in Liquid - metafields are a good choice. You can use the API to develop a small custom app that will read/write metafields to the customer. On the front end, you could post data via AJAX to your app, which in turn will update the customer. You just need to make 1000% sure that your app is secure and can't be exploited by other customers.

Some existing metafield apps on the store allow customers to save details to their account as metafields if you don't want to build something custom.

 

★ I jump on these forums in my free time to help and share some insights. Not looking to be hired, and not looking for work. http://freakdesign.com.au ★

Leonardo1
Visitor
3 0 0

Hi Jason, again thanks a lot for help me, that we need is the customers have the possibility to keep a wish list, the mew idea is to have an API to save the preferences of our customers. Initially I thought of metafields because we need to show the listing in the store with liquid, now, the problem that arises is the security of the application, in addition to the initial problem to save the metafields, which always returns a 301.

Can we talk about a personal assistance?