FROM CACHE - en_header
Promotion image

Edit order app permission randomly resets from time to time

zionut_
Visitor
3 0 0
‎09-22-2021 07:10 AM

Hello,

 

I am requesting `write_order_edits` permission for my app and everything works fine for some time but a few days later I start getting `OrderEditBegin access denied error` from the api calls. While this is happening I've noticed that the permission disappeared from the app without doing anything on my side.

 

Can anyone please help me fix this?

1,218 Views
0 Likes
Report
Replies 7 (7)

Luke_K
Shopify Staff
402 66 98
‎09-23-2021 10:53 PM

Hey @zionut_ 

If you'd like to supply me with a request_id where you see the access denied then that will be a good start and we can try and find out what's going on here. Thanks!

| Shopify |
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
1,125 Views
0 Likes
Report
In response to Luke_K

zionut_
Visitor
3 0 0
‎09-27-2021 06:46 AM

Hey there, @Luke_K !

 

This is the request_id: fd1f1362-48d7-4167-a64c-9c91dc5c9014

1,041 Views
0 Likes
Report
In response to zionut_

Luke_K
Shopify Staff
402 66 98
‎09-27-2021 06:30 PM

Hey @zionut_ 

Thanks for supplying that request ID!  I'd taken a check of that request and indeed it's is missing the scopes of write_order_edits and read_order_edits when a call is made to version 2021-04 via the Postman client and hence we would expect an Access Denied. 

That said, I can see other requests on the same day that are made via a different client (via Python) for the app - the other client actually does include those above scopes when a request is made with the Python client and the orderEditBegin mutation runs successfully.

I've raised a ticket for this and have begun some investigation. I'm wondering in the meantime if you'd like to re-request those access scopes for the client that is missing write_order_edits and read_order_edits?  I'd really like to track the point at which the scopes begin to go missing as you'd mentioned too, as that behaviour wouldn't be expected. Thanks!

| Shopify |
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
937 Views
1 Like
Report
In response to Luke_K

zionut_
Visitor
3 0 0
‎09-28-2021 07:28 AM

Hey @Luke_K 

 

Here is another request using the 2020-10 version which our Python client uses: 0d8928ce-170e-4c93-9cf8-fa60df6d4ccc. This is for a different customer which has the same problem and for which used to work a few days ago.

 

Also, for the previous request_id, i've asked the customer to reconnect our shopify app to their store in order gain back the write_order_edits and read_order_edits scopes but I'm not sure how long this will take.

 

Maybe with 0d8928ce-170e-4c93-9cf8-fa60df6d4ccc (the new one) we have more success in this regard since the customer was already advised to reconnect it when it happens and he already did it a couple of times.

848 Views
0 Likes
Report
In response to zionut_

Luke_K
Shopify Staff
402 66 98
‎09-28-2021 04:45 PM

Hey @zionut_ 

Thanks for providing that extra request ID. The team have investigated here and we’d like to ask you to first retrieve the access scopes that are associated to your online/offline tokens. This can be done by performing a GET request to the access_scopes.json endpoint (docs

Based on the GraphQL Access denied errors, it seem the token(s) for the app do not have the write_order_edits scope which would be required to make order edits on a store to store basis.

I’d recommend to check the documentation here which would provide more information on changing requested scopes. This would allow you to programatically update the access scopes. Let me know how that goes!

 

 

| Shopify |
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
755 Views
0 Likes
Report
In response to Luke_K

MaxDry
Visitor
3 0 0
‎09-29-2021 06:46 AM

Hey @Luke_K ,

I'm working with @zionut_ on this one. 
We can for sure check the scopes associated with the tokens we have for those apps. Actually that's how we know some permissions are missing. When a customer adds our app we request all the permissions required and it works(the customer can edit order) for while, then after a random period of time, the write_edit_order permission starts to be missing.

About the last example, our customer re-authorized, again, our app today, these are the scopes we have today (request id: 48e058f1-cb4d-4ec7-8c07-cda350adc90b

 

{
    "access_scopes": [
        {
            "handle": "read_all_orders"
        },
        {
            "handle": "write_orders"
        },
        {
            "handle": "write_order_edits"
        },
        {
            "handle": "write_customers"
        },
        {
            "handle": "write_themes"
        },
        {
            "handle": "read_products"
        },
        {
            "handle": "write_draft_orders"
        },
        {
            "handle": "read_orders"
        },
        {
            "handle": "read_order_edits"
        },
        {
            "handle": "read_customers"
        },
        {
            "handle": "read_themes"
        },
        {
            "handle": "read_draft_orders"
        }
    ]
}

 

 

So, today it works for this customer (I made a successful edit order begin call :e5c71bf7-88d1-4789-95be-60e34204e12a). Now I'm confident the issue will happen again and that the same token that works today will be missing permissions in some days, I'll let you know as soon as it happens.

For now our customers have to re-authorize the app every time it happens which is not ideal.


Thank you for your help on this matter.

667 Views
0 Likes
Report
In response to MaxDry

Luke_K
Shopify Staff
402 66 98
‎09-29-2021 05:09 PM

Hey @MaxDry 

Thanks -  I'll send you a DM, there is some information I've found based on the back of the request ID's.

| Shopify |
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
586 Views
0 Likes
Report
Terms of Service Privacy Policy