Private app authentication

New Member
1 0 0

We're having issues with integrating with an App that we're building. This app is a piece of middleware that sits between Shopify, SalesForce and our App and currently we're getting issues with the checkout API. We've created the app is a private app, but Shopify have advised that we need to make it a public app in order to have it as a sales channel (see below). We don't want to create a public sales channel app. Any advice on how to get around this would be appreciated?


We can see that the app is making a request to the checkouts API but are hitting the error message "403 forbidden" when trying make a get request to /admin/api/2021-07/checkouts/{token}.json, because the app doesn’t have the right access scope to read the checkouts.

The right access scope is read_checkouts but the call is from a private app. We haven’t seen any public facing information that suggests they can make this type of request via private app and this scope is limited to sales channels.

If the app wants to hit the Checkout API with that type of request, you would have to create a public sales channel app (docs here) in the partner dashboard as opposed to trying to do this via a private app. Once you’ve done that, you can request the read_checkouts access scope through the Oauthentication process (docs here)."

Replies 0 (0)