Solved

error 400 'Required parameter missing or invalid' when generating a storefront access token

HeroicEv
Tourist
7 1 1

I'm trying to make a post request for a storefront access token, but I've been getting the error 'Required parameter missing or invalid'. I'm using axios to make the request, but I'm not sure what could be wrong or missing from the request.

               const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

 

 

 

The accessToken is a permanent one, app is a public sales channel, and I have an unauthenticated scope . I've tried without the "Accept' and "Content-Type" headers and received the same error. I haven't been able to find a concrete code example of this request, so I'm not sure what I'm missing with the documentation alone. If there is anything that I'm missing or anything you think could be wrong please let me know. 

Accepted Solution (1)
HeroicEv
Tourist
7 1 1

This is an accepted solution.

I ended up solving the problem. I was missing the body portion that was mentioned in the documentation where the title would be added . Here's my code using axios in javascript for anyone that could use an example. 

                const Url = 'https://' + shop + '/admin/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },
                    data: {
                        storefront_access_token: { title: 'Test2' }
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

 

View solution in original post

Replies 6 (6)

michaeltheodore
Explorer
59 6 9

Where are you defining the accessToken variable?

HeroicEv
Tourist
7 1 1

It's defined after authentication

afterAuth(ctx) {
                const { shop, accessToken } = ctx.session;


                ctx.cookies.set('shopOrigin', shop, {
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });
                ctx.cookies.set('accessToken', accessToken,{
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });

                const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

                ctx.redirect('/');
            }
michaeltheodore
Explorer
59 6 9

Okay

This is where you're getting the shop and accessToken properties:

const { shop, accessToken } = ctx.session

You're accessing the properties via destructuring from the session context ctx.session variable.

Perhaps you can look at ctx.session or just ctx by doing a console.log(ctx) or console.log(ctx.session) in your code and look at the console output in the browser. You're looking for the properties shop & accessToken specifically and their values.

Let me know how that goes and we can go from there.

Mike

HeroicEv
Tourist
7 1 1

The values are the same from what I saw in the console.log of ctx.session, but I also saw a value of _expire: 1603756594267 which I assume it was for the access token that is generated. I understand in order to get a storefront-access-token the access token generated at authentication need to be permanent (or offline), but I'm not sure how to tell if it is permanent or not. Although if that was the problem I believe I would receive a response indicating that. I sent my compete authentication code just in case there anything blatantly wrong.

 

 

server.use(
        createShopifyAuth({
            apiKey: SHOPIFY_API_KEY,
            secret: SHOPIFY_API_SECRET_KEY,
            scopes: ['read_products','unauthenticated_read_product_listings'],
            accessMode: 'offline',
            afterAuth(ctx) {
                const { shop, accessToken } = ctx.session;

                ctx.cookies.set('shopOrigin', shop, {
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });
                ctx.cookies.set('accessToken', accessToken,{
                    httpOnly: false,
                    secure: true,
                    sameSite: 'none'
                });
                
                const Url = 'https://' + shop + '/admin/api/2020-10/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

                ctx.redirect('/');
            },
        }),
    )

 

 

HeroicEv
Tourist
7 1 1

This is an accepted solution.

I ended up solving the problem. I was missing the body portion that was mentioned in the documentation where the title would be added . Here's my code using axios in javascript for anyone that could use an example. 

                const Url = 'https://' + shop + '/admin/storefront_access_tokens.json';

                axios(Url,{
                    method: 'post',
                    headers: {
                        'Accept':'application/json',
                        'Content-Type': 'application/json',
                        'X-Shopify-Access-Token': accessToken,
                    },
                    data: {
                        storefront_access_token: { title: 'Test2' }
                    },

                    }).then(response => {
                        console.log(response)
                    }).catch(err => {
                        console.log(err.response);
                    });

 

tolgapaksoy
Shopify Partner
105 7 64

I've had the same exact issue as you: https://community.shopify.com/c/Shopify-APIs-SDKs/storefrontAccessTokenCreate-mutation-always-return...

Shopify Staff answered me, telling me I need to add all `unauthenticated_*` scopes to my Admin API scopes as well. I tried doing that and to no avail. I made sure to reinstall my app to get a fresh access token with these new scopes, but I still couldn't get rid of the unauthenticated error.