App reviews, troubleshooting, and recommendations
Hello Shopify Community,
I'm developing a Shopify app and have encountered an issue when attempting to access order information via GraphQL. Despite having the necessary permissions set for my app, I'm receiving the following error when executing my query:
GraphqlQueryError: This app is not approved to access the Order object. See https://partners.shopify.com/[redacted]/apps/[redacted]/customer_data for more details.
Permissions Granted:
The order I'm trying to access is only 20 days old, so it falls within the permitted range. Below is the GraphQL query I'm using:
query getOrder($id: ID!) {
order(id: $id) {
id,
currencyCode,
presentmentCurrencyCode,
totalTaxSet {
presentmentMoney {
amount,
currencyCode
}
},
totalPriceSet {
presentmentMoney {
amount,
currencyCode
}
},
name,
netPaymentSet {
presentmentMoney {
amount,
currencyCode
}
},
requiresShipping,
restockable,
shippingLine {
discountedPriceSet {
presentmentMoney {
amount,
currencyCode
}
}
},
metafields(first: 1, namespace: "$app:redacted-name") {
nodes {
namespace,
id,
value,
key
}
}
}
}
I'm concerned that part of my query might be accessing data considered sensitive by Shopify, but I'm not sure which part could be causing the issue. The query includes many fields, but none of these seem to directly access sensitive customer data.
The app also has the following permission details with respect to the store context it is installed in:
Also, I have tested this scope with a local tunneled app and did not have this issue. The scopes env vars are also correctly passed to the environment:
(I attempted to check if products scope was missing, but that did not solve the issue.)
Additional context:
Remix app, a loader at a route URL serving fetch for a block extension
const { admin, cors } = await authenticate.admin(request);
Request is done with admin.graphql and works wonderfully in a local environment with identical permissions.
Questions:
Any guidance, suggestions, or references to documentation would be greatly appreciated. Thank you in advance for your help!
Solved! Go to the solution
This is an accepted solution.
If anyone comes here to look for a solution, then I can say I didn't find the most ideal solution here, but I found a fix that works for now.
Because this error only happened when I made a request from an UI Extension to the Remix backend, I simply stopped making these requests.
Is this perhaps because of the metafield that relates to the single order? https://shopify.dev/docs/apps/store/data-protection/protected-customer-data
Find the shopify.app.toml file in code and update the scopes = "write_products, read_themes, read_orders, write_orders"
May be this will solve your issue.
Brain Station 23 PLC
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution
What would be the idea behind the read_themes scope?
This is an accepted solution.
If anyone comes here to look for a solution, then I can say I didn't find the most ideal solution here, but I found a fix that works for now.
Because this error only happened when I made a request from an UI Extension to the Remix backend, I simply stopped making these requests.
Starting a B2B store is a big undertaking that requires careful planning and execution. W...
By JasonH Sep 23, 2024By investing 30 minutes of your time, you can unlock the potential for increased sales,...
By Jacqui Sep 11, 2024We appreciate the diverse ways you participate in and engage with the Shopify Communi...
By JasonH Sep 9, 2024