Solved

Can't send request with Postman to public app (already tried not using cookies)

Chumpbo
Tourist
3 1 1

Hello, I think I might be not understanding this but I am trying to access a embedded public app I am developing. If I try to access the app with my browser it works just fine. I added an api page so I can do get/post requests there. When I use my browser it works just fine but using postman I get a strange response, no matter what page of the app I try to access, it gives me a "Continue" link that leads nowhere.

I have googled for hours and all the replies to this problem are "disable the cookies , don't send the cookies with Postman, etc..." I have tried that. I am 100% sure I'm not sending cookies I even disabled the Postman Cookie Jar.

 

I also tried the oauth request:

 

 

 

 

POST https://{{shop}}.myshopify.com/admin/oauth/authorize?client_id={{api_key}}&scope={{scopes}}&redirect_uri={{redirect_uri}}&state={{nonce}}&grant_options[]={{access_mode}}

 

 

 

 

getting the same result... I don't know if I am missing something obvious. I must mention it is a Public, Embedded app that is in "Draft" status.

 

The request:

 

 

 

 

GET https://{{api_key}}:{{api_secret}}@{{shop}}.myshopify.com/admin/apps/juice-10/api/getarticle

 

 

 

 

The response:

 

 

 

 

<html>

<body>
	<noscript>
		<a
			href="https://accounts.shopify.com/oauth/authorize?client_id=7ee65a63608843c577db8b23c4d7316ea0a01bd2f7594f8a9c06ea668c1b775c&amp;destination_uuid=74e4e521-1fd7-4ea5-82b8-7cc68228cbaa&amp;nonce=75997f0b40d360702311e6517aa4007c&amp;prompt=merge&amp;redirect_uri=https%3A%2F%2Fjuice-developement-store.myshopify.com%2Fadmin%2Fauth%2Fidentity%2Fcallback&amp;response_type=code&amp;scope=email%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fdestinations.readonly%20openid%20profile%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fpartners.collaborator-relationships.readonly%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fbanking.manage%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fshopify-chat.admin.graphql%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fflow.workflows.manage%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Forganization-identity.manage&amp;state=f0e9b9b1946b163ff511bd3e5345e015&amp;ui_locales=en&amp;ux=shop">Continue</a>
	</noscript>

	<script type="text/javascript" defer>
		window.location = "https:\/\/accounts.shopify.com\/oauth\/authorize?client_id=7ee65a63608843c577db8b23c4d7316ea0a01bd2f7594f8a9c06ea668c1b775c\u0026destination_uuid=74e4e521-1fd7-4ea5-82b8-7cc68228cbaa\u0026nonce=75997f0b40d360702311e6517aa4007c\u0026prompt=merge\u0026redirect_uri=https%3A%2F%2Fjuice-developement-store.myshopify.com%2Fadmin%2Fauth%2Fidentity%2Fcallback\u0026response_type=code\u0026scope=email%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fdestinations.readonly%20openid%20profile%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fpartners.collaborator-relationships.readonly%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fbanking.manage%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fshopify-chat.admin.graphql%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Fflow.workflows.manage%20https%3A%2F%2Fapi.shopify.com%2Fauth%2Forganization-identity.manage\u0026state=f0e9b9b1946b163ff511bd3e5345e015\u0026ui_locales=en\u0026ux=shop";
	</script>
</body>

</html>

 

 

 

 

 

I will appreciate any help. Thank you very much.

 

Accepted Solution (1)
Chumpbo
Tourist
3 1 1

This is an accepted solution.

I figured it out. I assumed you could send requests to the admin panel but obviously you cannot since that requires said user to be logged in. In order to send requests I must send them to wherever the app is hosted, in this case, my own localhost. All of this comes from me assuming Shopify would host the app and therefore I'd have to send those requests to the Shopify servers, expecting it to reach my app....

 

 

 

View solution in original post

Replies 3 (3)

olavoasantos
Shopify Staff
21 5 15

Hey @Chumpbo . How are you?

Thank you for reaching out. If I understood correctly, you created some API endpoints that are being used by your app on the browser and you're trying to access them through Postman?

On the browser, are you using an `authenticatedFetch` to make the calls? Have you tried adding the `session token` to the Postman request's header (something like the image below)?

 

jwt-authentication-1ad4361bef4ad7ae599478a7c90917694da192aa153dd5a1a24769e9658b7972

 

To learn more visit the Shopify Help Center or the Community Blog.

Chumpbo
Tourist
3 1 1

Hi @olavoasantos ! Thank you for the reply. 

 

I did try adding the session token to the request but I got the same response. I also tried doing it the non-Embedded way and setting up the old OAuth Flow and getting my X-Shopify-Access-Token token that would go in the header but I still get the same...

 

All I want is a custom API endpoint in my app that is accessible from an external service (Postman right now for testing purposes) but it seems like a user needs to be logged in the browser in order for it to work? if I put the GET request as an URL address on my browser, it does reach, but this needs to happen from the backend of an external service.

 

What I am trying to do is send a large text article inside the body of the external request that would reach the App, and the App would make a request to the admin API and publish the blog post/article.

 

Here's the basic code for my endpoint at /api/post_article.js:

export default function handler(req, res) {

    console.log(req.method);
    console.log("URL: ",req.url);

    //Get the shop URL from request...

    //Look for the access token stored in the app's DB...

    //Send Request to admin API using stored AuthToken for the shop that will publish a blog post...

    res.status(201).send('Hello!');

}

I assume the authenticatedFetch() (in Embedded App) would be done within this function to call the Admin API to finally post the blog post?

 

If I go to https://{store}.myshopify.com/admin/apps/juice-10/api/post_article from my browser (while logged in, otherwise I get a Sign In panel), I do get a "Hello!" Message.

 

Chumpbo
Tourist
3 1 1

This is an accepted solution.

I figured it out. I assumed you could send requests to the admin panel but obviously you cannot since that requires said user to be logged in. In order to send requests I must send them to wherever the app is hosted, in this case, my own localhost. All of this comes from me assuming Shopify would host the app and therefore I'd have to send those requests to the Shopify servers, expecting it to reach my app....