Re-Registering webhooks: Invalid API key or access token

Solved

Re-Registering webhooks: Invalid API key or access token

hugo4711
Shopify Partner
17 1 1

Hi!

I have a custom shopify app running for one of our clients. We have registered some webhooks. Everything works fine.

 

As we host the app on heroku, we need to re-register the webhooks once heroku decides to restart our dyno (happens once daily).

To re-register, we store the accessToken, host and the shop in our database.

 

When webhooks starting to fail, we try to re-register loading the stored accessToken from the database.

Unfortunately we get the following error message:

 

 

Error: Received an error response (401 Unauthorized) from Shopify: [API] Invalid API key or access token (unrecognized login or wrong password). If you report this error, please include this id: 0d9b6443-ad43-4526-8932-250cecc42fd6

 

 

How can we re-use the accessToken to re-register all of our webhooks? And what causes this problem?

 

Cheers,

hugo

 

Accepted Solution (1)

hugo4711
Shopify Partner
17 1 1

This is an accepted solution.

If anyone stumbles upon this:

 

We use OAUTH in our app through KOA. There are two access-modes: online and offline (offline should be default, meaning the accessToken will never expire. online meaning the accessToken will expire when the browser session of the authenticating user expires):

 

https://shopify.dev/apps/auth/access-modes


BUT: When using KOA, 'online' mode is DEFAULT! This is completely misleading...

 

https://www.npmjs.com/package/@shopify/koa-shopify-auth

 

ATTENTION: verifyRequest and shopifyAuth BOTH need to specify 'offline' as default. See the documentation!

 

https://community.shopify.com/c/shopify-apis-and-sdks/get-offline-access-token-from-koa/m-p/608000#M...

View solution in original post

Reply 1 (1)

hugo4711
Shopify Partner
17 1 1

This is an accepted solution.

If anyone stumbles upon this:

 

We use OAUTH in our app through KOA. There are two access-modes: online and offline (offline should be default, meaning the accessToken will never expire. online meaning the accessToken will expire when the browser session of the authenticating user expires):

 

https://shopify.dev/apps/auth/access-modes


BUT: When using KOA, 'online' mode is DEFAULT! This is completely misleading...

 

https://www.npmjs.com/package/@shopify/koa-shopify-auth

 

ATTENTION: verifyRequest and shopifyAuth BOTH need to specify 'offline' as default. See the documentation!

 

https://community.shopify.com/c/shopify-apis-and-sdks/get-offline-access-token-from-koa/m-p/608000#M...