Have your say in Community Polls: What was/is your greatest motivation to start your own business?
Our Partner & Developer boards on the community are moving to a brand new home: the .dev community forums! While you can still access past discussions here, for all your future app and storefront building questions, head over to the new forums.

Can't create webhooks using Private App API keys.

Can't create webhooks using Private App API keys.

Saul_Martínez
Visitor
2 0 0

Hi,

I'm trying to automate the creation of webhook subscriptions for different stores (and different topics). Our application makes use of private apps API key/password to create and update products. We are now trying to get notifications on order changes using the webhooks API.

I'm making some tests and I'm not able to create a webhook subscription using the API https://help.shopify.com/en/api/reference/events/webhook#create

It always says that the Address for the given topic (orders/create in this case) has already been taken.

I'm instantiating a new session on behalf of a particular shop, using API key and Password for Basic authentication. 

On the other hand, when I create the subscription through the Admin panel, I'm able to create the subscription, but with no luck using the API. We're using Ngrok for receiving HTTPS requests, and when I create the subscription using the Admin panel and send the notification test, I get the request correctly.

Am I missing something? Is it possible to create webhook subscriptions using a private app's API key and password? With the test request, I'm also able to validate the request and all.

Thanks in advance!

Replies 4 (4)

Jivan_Suhagiya
Shopify Partner
595 82 127

Hi,
you can not create webhook subscriptions using a private app's API key and password.
You can do only operation with only APIs that is listed on ADMIN API PERMISSIONS based on read, write or read/write permission. 
refer attached image

Thanks

If helpful then please Like and Accept Solution.
Email: suhagiyajivan1992@gmail.com
Skype: jivan.suhagiya
First kind of Checkout Reminder APP: https://apps.shopify.com/checkout-reminder

Saul_Martínez
Visitor
2 0 0

I see. I appreciate your help Jivan.

I guess that's why we cannot validate the webhook request using the shared secret created along with the private app's API key and password, right?

We have already decided to create the subscriptions manually using the admin panel and started using the secret shown when you create a new subscription.

Although we receive lots of POST requests that fail to validate the when using either shared secret. Is that a normal behavior?

def valid?(secret, body, hmac) do
  :crypto.hmac(:sha256, shop.api_secret, body)
  |> Base.encode64
  |> String.equivalent?(hmac)
end

First, we used the shared secret given by the private app but had no luck validating the request. Then switched and started using the one that is shown when the subscription is created and we could validate the requests, the thing is that we suddenly get multiple requests that fail the validation.

Does that sound familiar?

Thanks in advance!

TomTranzistor
Shopify Partner
62 4 15

You CAN create a webhook using Private API keys.

 

(Im on ruby on rails using ShopifyAPI gem)

First Connect with from your app to your store:

 

shop_url =  “https://[APIKEY]:[password]@[SHOPDOMAIN].myshopify.com/

ShopifyAPI::Base.site = shop_url

ShopifyAPI::Base.api_version = '2020-01'

 

Then Create your Webhook 

ShopifyAPI::Webhook.create({

 

}) 

IffiChaudhry473
New Member
8 0 0

I,m new on shopify and i,m creating a private app for my store using react native. I have no idea how to add notifications in our app. Plz help me how we can add notification for our private app? I,m confused please guide me in this case. Because i didn,t know that shopify provides any api's or prerequisite to add notifications for private apps. Is there option to add OneSignal or firebase push notifications or any shopify api to add notifications. Thanks in advance for help.