Discuss and resolve questions on Liquid, JavaScript, themes, sales channels, and site speed enhancements.
Since March, in our released public app, an error has started occurring when calling the webhookSubscriptionCreate via Admin GraphQL Mutation.
"[API] Invalid API key or access token (unrecognized login or wrong password)"
If you report this error, please include this id: 210e0edf-4dd4-429b-bd2d-a7900848a6e2-1710765057
at HttpResponseError.ShopifyError [as constructor] (/home/node/node_modules/@shopify/shopify-api/dist/error.js:13:28)
at new HttpResponseError (/home/node/node_modules/@shopify/shopify-api/dist/error.js:104:28)
at HttpClient.<anonymous> (/home/node/node_modules/@shopify/shopify-api/dist/clients/http_client/http_client.js:248:43)
at step (/home/node/node_modules/tslib/tslib.js:144:27)
at Object.next (/home/node/node_modules/tslib/tslib.js:125:57)
at fulfilled (/home/node/node_modules/tslib/tslib.js:115:62)
at processTicksAndRejections (node:internal/process/task_queues:96:5) {
response: {
code: 401,
statusText: 'Unauthorized',
body: {
errors: '[API] Invalid API key or access token (unrecognized login or wrong password)'
},
headers: [Object: null prototype] {
...
}
}
}
Regarding authentication, it was implemented by a previous developer several years ago, and I don't fully understand it. After reviewing the code, logs, and development documentation, here's what I've found:
I understand that we probably should migrate to a configuration using Shopify CLI, but I want to address the issue for the specific merchants currently affected as soon as possible. Can you investigate the cause based on the error ID provided above? I'm ready to provide additional information if needed.
Solved! Go to the solution
This is an accepted solution.
This issue has been resolved.
The root cause was the use of an outdated version of the Shopify API.
To address this, we updated all packages within the app to their latest versions, including the Shopify API. Additionally, we implemented custom session management using Redis storage within the app's backend, where we now also manage the access tokens internally. Although the app initially lacked proper mechanisms for token exchange, we resolved this by introducing a system to refresh sessions. We understand that this solution may not be entirely sufficient, and we plan to switch to an app setup using Remix in the near future.
It took over a month to resolve this issue, but it has been an educational experience in understanding Shopify's authentication processes. We also appreciate the support provided by the Shopify support team during this period.
This is an accepted solution.
This issue has been resolved.
The root cause was the use of an outdated version of the Shopify API.
To address this, we updated all packages within the app to their latest versions, including the Shopify API. Additionally, we implemented custom session management using Redis storage within the app's backend, where we now also manage the access tokens internally. Although the app initially lacked proper mechanisms for token exchange, we resolved this by introducing a system to refresh sessions. We understand that this solution may not be entirely sufficient, and we plan to switch to an app setup using Remix in the near future.
It took over a month to resolve this issue, but it has been an educational experience in understanding Shopify's authentication processes. We also appreciate the support provided by the Shopify support team during this period.
Thanks to everyone who participated in our AMA with 2H Media: Marketing Your Shopify St...
By Jacqui Sep 6, 2024The Hydrogen Visual Editor is now available to merchants in Shopify Editions | Summer '...
By JasonH Sep 2, 2024Note: Customizing your CSS requires some familiarity with CSS and HTML. Before you cust...
By JasonH Aug 12, 2024