Shopify laravel Missing Authorization key in headers array in production server
I deployed a shopify apps using laravel and polaris react in my host.
But my api are getting 500 server error and in laravel.log Its showing :
production.ERROR: Missing Authorization key in headers array {"exception":"[object] (Shopify\\Exception\\MissingArgumentException(code: 0): Missing Authorization key in headers array at /public_html/vendor/shopify/shopify-api/src/Auth/OAuth.php:226)
[stacktrace]
#0
/public_html/vendor/shopify/shopify-api/src/Utils.php(160): Shopify\\Auth\\OAuth::getCurrentSessionId(Array, Array, false)
#1
/public_html/app/Http/Middleware/EnsureShopifySession.php(54): Shopify\\Utils::loadCurrentSession(Array, Array, false)
In locally its pretty okay. All api are being called without server error.
even i sent authorization aslo. please see below image.
I deployed Only web folder to production after build using npm run build with api key
I used this .env at production
APP_NAME="Shopify PHP App"
APP_ENV=production
APP_KEY=base64:aLjEjgav7KX1UFyB7JUzySf/d0rV7rvHMsWOdJBnbHE=
APP_DEBUG=false
LOG_CHANNEL=stack
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_FOREIGN_KEYS=true
DB_HOST=localhost
DB_PORT=3306
DB_DATABASE=stack
DB_USERNAME=root
DB_PASSWORD=2164114
HOST=https://myhost.com
PORT=8082
SHOPIFY_API_KEY=myapikey
SHOPIFY_API_SECRET=myapikeysecret
SCOPES=write_products
I used two .htaccess, One in root and another inside public folder.
Inside root:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^ ^$1 [N]RewriteCond %{REQUEST_URI} (\.\w+$) [NC]
RewriteRule ^(.*)$ public/$1RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ server.php
</IfModule>
Inside public folder
RewriteEngine on
RewriteCond $1 !^(index.php|resources|robots.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L,QSA]RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
Also I disabled csrf token
protected $except = [
'*'
];
where is the problem ?
Anything wrong in my configuration ?
If i need to provide more information, please let me know.
Community Blog Articles
Discover how to increase customer engagement on your store with articles from Shopify A...
By Jacqui Apr 23, 2025
Hey Community 👋 Did you know that March 15th is National Everything You Think Is W...
By JasonH Apr 1, 2025
Discover how to increase the efficiency of commerce operations with Shopify Academy's l...
By Jacqui Mar 26, 2025