unauthenticated_read_product_inventory scope not applying (unable to access quantityAvailable)?

CWB2_0 · ‎05-27-2024

Similar to this unresolved issue from a few months ago..

I am trying to access a Variant's inventory quantities (quantityAvailable), in order to see if a product has enough stock to be completely fulfilled (Cart quantity <= quantityAvailable), through a Custom App.

According to the documentation on access scopes, the unauthenticated_read_product_inventory scope is exactly what I need, but it doesn't seem to be recognized.

I have added those scopes to the shopify.app.toml,...

scopes = "read_all_orders,read_inventory,read_orders,read_products,unauthenticated_read_product_inventory,unauthenticated_read_product_listings,unauthenticated_read_product_pickup_locations,write_orders,write_payment_customizations,write_products"

... as well as deployed the config (and accepting the updated scopes). My Partners dashboard shows that these changes were successful.

However, when trying to write a graphql query to find a variant's inventory...

query VariantInventory($id: ID!) {
  node(id: $id) {
    ... on ProductVariant {
      id
      currentlyNotInStock
      quantityAvailable
    }
  }
}

... I get the following error message:

{
  "data": {
    "node": {
      "id": "gid://shopify/ProductVariant/12345678901234",
      "currentlyNotInStock": false,
      "quantityAvailable": null
    }
  },
  "errors": [
    {
      "message": "Access denied for quantityAvailable field. Required access: `unauthenticated_read_product_inventory` access scope.",
      "locations": [
        {
          "line": 6,
          "column": 6
        }
      ],
      "path": [
        "node",
        "quantityAvailable"
      ],
      "extensions": {
        "code": "ACCESS_DENIED",
        "documentation": "https://shopify.dev/api/usage/access-scopes",
        "requiredAccess": "`unauthenticated_read_product_inventory` access scope."
      }
    }
  ]
}

The only thing that may help point towards any hint, is that when I list the access scopes, the unauthenticated_read_product_inventory scope doesn't appear for whatever reason.

query AllScopes{
  appInstallation {
    accessScopes {
      handle
    }
  }
}

## LEADS TO ##

{
  "data": {
    "appInstallation": {
      "accessScopes": [
        {
          "handle": "read_content"
        },
        {
          "handle": "read_all_orders"
        },
        {
          "handle": "write_orders"
        },
        {
          "handle": "write_payment_customizations"
        },
        {
          "handle": "write_products"
        },
        {
          "handle": "unauthenticated_read_content"
        },
        {
          "handle": "unauthenticated_read_product_listings"
        },
        {
          "handle": "read_orders"
        },
        {
          "handle": "read_payment_customizations"
        },
        {
          "handle": "read_products"
        }
      ]
    }
  },
  "extensions": {
    "cost": {
        ...
      }
    }
  }
}

So what is going wrong here? Why is the unauthenticated_read_product_inventory scope disappearing? And what can I do to find a Variant's inventory levels?

Thanks in Advance!

tomperalta · ‎05-30-2024

It seems this issue has been going on for months — Shopify support sucks.

CWB2_0 · ‎06-03-2024

As a growing list of the supposed adding of this feature (yet still no support)...

"totalInventory will be available in the 2020-04 version of the Storefront API, and this SDK will be updated shortly after the API is publicly released. Note that you will need the unauthenticated_read_product_inventory scope to read product inventory." - February 2020 (Github - Shopify Staff)
"Hello [user], this will be available in the Storefront API as of April 2020 🎉, and will be called ProductVariant.quantityAvailable! Check out the Storefront API ProductVariant API reference for 2020-04. This SDK will be updated shortly after the full release." - February 2023 (Github - Shopify Staff (Same as Above))
"Need unauthenticated_read_product_inventory to access quantityAvailable? -- `availableForSale` "fix" - February 2023 (Shopify Forum)
"Access denied for quantityAvailable field. Required access:unauthenticated_read_product_inventory" - May 2023 (Shopify Forum)
"At this time this scope is unavailable for the Storefront API via Checkout UI extensions. I have brought this to the attention of the team. You can also create a Github Issue requesting this scope be added." - July 2023 (Shopify Support)
"This is currently a limitation of the direct storefront API access for checkout UI extensions and planned to be addressed in the future. Alternatively, you can craft your own Storefront API query with an token which does have that access scope." - December 2023 (Github)
"Hey [user] 👋 . The GraphiQL app doesn't support selection of unauthenticated_read_product_inventory on install. I see someone has responded to your ask over on the ui-extension repo that for ui-extensions this is something that will be fixed in the future." - December 2023 (Github - Shopify Staff)
My Post - May 2024 (Shopify Forum)

C'mon people, you've claimed that this works for over 4 years now. What went wrong?

m90studio · ‎03-11-2025

We are also still having the same issue - it is now Mar 2025, and still no solution from Shopify. Attempting to correct the issue of the default error modal that is triggered when adding a quantity of items above the available stock when using any Stepper UI components (with the modal having its own bug by redirecting and emptying the cart when Customer clicks 'Continue Checkout'). We are having to build a Proxy Admin API to get inventoryData in our Checkout Extension just to prevent this bad experience.

Upon reaching out to Shopify about this issue weeks ago, they informed me this is a known issue and they did not have a timeline for when this would be fixed. My ticket was taken out of the active queue. In case any of you needed to know their priorities at this time.

greeshma · ‎04-07-2025

Hi, I faced the same issue when fetching product details in the Theme Extension app. I was able to resolve it by making the necessary changes listed below. You can refer to this and let me know if it works for you.

First, we need to enable the Storefront API in the Shopify Partner account. To do this, log in to the Shopify Partner account, select the app, and go to the Configuration section. Under the Storefront API section, you’ll notice that the Enable Storefront API button is disabled. To activate it, choose a distribution method by selecting Custom distribution, then add your store domain and generate the install link. After that, you’ll be able to enable the Storefront API.

Next, add the required scopes to your shopify.app.toml file:

scopes = "write_products, read_products, unauthenticated_read_product_tags, unauthenticated_read_customers, unauthenticated_read_product_listings"

Then, run the following command to deploy the scopes to your Partner account:

shopify app deploy

After running the deploy command, go to your Partner Dashboard, select the app, and navigate to the API access section. There, you will see that the added scopes are now listed.

Now, update your shopify.extension.toml file for the theme extension to include the same scopes:

[access_scopes]
unauthenticated_read_product_listings = true
unauthenticated_read_product_tags = true
unauthenticated_read_customers = true
write_products = true
read_products = true

Run the deploy command again:

shopify app deploy

From Liquid, you can call the following API to fetch the first 3 product details:

import { json } from "@remix-run/node";
import { authenticate, unauthenticated } from "../shopify.server";
import { cors } from 'remix-utils/cors';

export async function loader({ request }) {
const { storefront } = await unauthenticated.storefront(
'egitsstore.myshopify.com'
);

const response = await storefront.graphql(`
query products {
products(first: 3) {
edges {
node {
id
title
}
}
}
}
`);

const data = await response.json();

return json(
{ data },
{ headers: { "Access-Control-Allow-Origin": "*" } }
);
}

Finally, reinstall the app. The updated scopes and Storefront API access will only take effect after reinstalling the app.

unauthenticated_read_product_inventory scope not applying (unable to access quantityAvailable)?