The text of the 1st error however indicates a problem with the OAuth flow. When the app is installed it MUST immediately redirect to Shopify to get the scopes approved. See this link for an explanation or see the below image.
The 2nd error seems to indicate that you are not verifying that requests are coming from shopify. You need to validate any calls to your app by inspecting the X-Shopify-Hmac-SHA256 headers HMAC and ensuring that it's valid.
Hope that helps.
- Was my reply helpful? Click Like to let me know! - Was your question answered? Mark it as an Accepted Solution