Revoke payment method permissions not working.

Solved
eat_to_evolve
Excursionist
18 0 7

Hello, I am trying to make this call

https://shopify.dev/docs/admin-api/graphql/reference/customers/customerpaymentmethodrevoke

{
"customerPaymentMethodId" : "gid://shopify/CustomerPaymentMethod/bcdbf2bd274d93a7dd71b41d02c1961a"
}
mutation customerPaymentMethodRevoke($customerPaymentMethodId: ID!) {
  customerPaymentMethodRevoke(customerPaymentMethodId: $customerPaymentMethodId) {
    revokedCustomerPaymentMethodId
    userErrors {
      field
      message
    }
  }
}

 and my access token has these scopes, 

'read_products',
'write_products',
'read_orders',
'read_customers',
'write_customers',
'read_customer_payment_methods',
'write_customer_payment_methods',
'write_own_subscription_contracts',
'read_own_subscription_contracts',

but when I try to run that mutation, i get

    "errors": [
        {
            "message": "CustomerPaymentMethodRevoke access denied",
            "locations": [
                {
                    "line": 2,
                    "column": 3
                }
            ],
            "path": [
                "customerPaymentMethodRevoke"
            ]
        }
    ],

 I am able to run the 

customerPaymentMethodSendUpdateEmail mutation just fine with the same access token, on the docs it says they require the same scopes.
Accepted Solution (1)

Accepted Solutions
yalshekerchi
Shopify Staff
Shopify Staff
13 4 4

This is an accepted solution.

Hello,

Thank you for you question!

The customerPaymentMethodRevoke requires the write_customer_payment_methods scope, while the customerPaymentMethodSendUpdateEmail does not require it. This may be the reason why only one of the two mutations is working with your access token.

I sent you a message requesting additional details to confirm that the permission has been granted for the scope.

View solution in original post

Replies 5 (5)
yalshekerchi
Shopify Staff
Shopify Staff
13 4 4

This is an accepted solution.

Hello,

Thank you for you question!

The customerPaymentMethodRevoke requires the write_customer_payment_methods scope, while the customerPaymentMethodSendUpdateEmail does not require it. This may be the reason why only one of the two mutations is working with your access token.

I sent you a message requesting additional details to confirm that the permission has been granted for the scope.

masumluf
Excursionist
37 0 4

I am also facing same issue. Should we need to send any request to update our permission ? what Should I do now ?

LarryReid
Shopify Staff
Shopify Staff
34 6 10

You need to use an access token for a user or app that has the `` permission. If you're using a user's access token, could you try giving the user the "Edit billing payment methods and pay invoices" permission in Admin -> Users and permissions, and let me know if that works.

masumluf
Excursionist
37 0 4

I did not find out anything like that as you mentioned above , 

shopify.png

 

here is my code , 

 

 

  const shopData = await shopsController.getById(shopId);
      const client = new Shopify.Clients.Graphql(
        shopData.shopId,
        shopData.offlineAccessToken
      );

      const mailResponse = await client.query({
        data: `mutation customerPaymentMethodSendUpdateEmail(gid://shopify/CustomerPaymentMethod/${paymentId}: ID!) {
          customerPaymentMethodSendUpdateEmail(customerPaymentMethodId: $customerPaymentMethodId) {
            customer {
              # Customer fields
              id
              email
            }
            userErrors {
              field
              message
            }
          }
        }
        `,
      });

 

 



and getting this error 

 


[{"message":"CustomerPaymentMethodSendUpdateEmail access denied","locations":[{"line":2,"column":11}],"path":["customerPaymentMethodSendUpdateEmail"]}]

my I mentioned write_customer_payment_methods in my SCOPES in my .env file

masumluf
Excursionist
37 0 4

Hello @LarryReid , Could you Help Me out ?