How To Pass Empty Scopes While Installation App?

jee1992
Shopify Partner
4 0 0


Use Case:
I was using write_script_tags,Now I am using theme app extensions to ensure compatibility with Online Store 2.0 themes. But in app review process, I got this feedback

Only request permissions for API scopes that are required for your app to function. Your app is requesting scopes that aren't in use, so make changes to comply with our requirements.

API :

 

 

 

 

`https://${shopDomain}/admin/oauth/authorize?client_id=${apiKey}&scope=${scopes}&state=${state}&redirect_uri=${redirectUri}`

 

 

 

 




Now I have removed scope param from authorise API then I'm getting following error 
OAuth error invalid_scope: The access scope is missing.

Question: how I can pass empty scope, because my app don't need any special scope at all?

Replies 4 (4)

nalanetworks-
Shopify Partner
12 0 0

To pass an empty scope, you would replace {scopes} with an empty array, like this:

 

https://{shop}.myshopify.com/admin/oauth/authorize?client_id={api_key}&scope=[]&redirect_uri={redirect_uri}

 


Need professional help customizing your Shopify store or creating custom apps? Contact us now via our website Nala Networks Inc, send a direct message, or email sutha@nalanetworks.com
jee1992
Shopify Partner
4 0 0

I have passed scope as empty array, but it didn't work for me.

https://{shop}.myshopify.com/admin/oauth/authorize?client_id={api_key}&scope=[]&redirect_uri={redirect_uri}

Diaz19
Tourist
11 0 1

 Passing empty scopes while installing an app is an important step to ensure that the app is successfully installed and that the user has full access to the features and functions of the app. Empty scopes refer to the permission levels or access rights that the app requests from the user. This ensures that the app is installed without any conflicts and that the user is aware of the access rights that the app is requesting. In order to pass empty scopes, the user must first grant permission to the app in order to access their data. This can be done by providing necessary credentials such as username, password, and two-factor authentication. Once the user has granted permission, the empty scopes will be passed while the app is being installed. It is important to note that the user should carefully review the app's permission levels before granting them access. This will ensure that the user is aware of what type of data the app can access and how it will be used. It is also important to remember that the user should always be able to revoke the permission they provide in the future, if they decide to do so. 

jee1992
Shopify Partner
4 0 0

@Diaz19 
Which scope/access rights I need to pass in case of theme app extension(App embed blocks). 


I am just embeding a simple UI widget on storefront.