Required scope for checkouts/update webhook topic?

Required scope for checkouts/update webhook topic?

VacantMind
Shopify Partner
4 0 4

I'm writing a new app and I want to register for the "checkouts/update" webhook topic. I send the following request:

webhook:{ 
  topic: 'checkouts/update',
  address: 'https://xxxx/webhooks/checkouts/update',
  format: 'json' 
}

but I get a 422 response with the message "'Invalid topic specified. Topics allowed: app/uninstalled, shop/update'".

As part of app installation I have the following scopes: "read_checkouts,write_checkouts"

I'm finding very little in the way of documentation around what scopes are required for the various webhook topics, however some blogs + older ecommerce university articles I've found have mentioned that for X/update topics you generally nead read_X but I'm not sure what I've missed for only the 2 topics returned to be the only ones available.

Replies 2 (2)

VacantMind
Shopify Partner
4 0 4

40 mins adding and removing various oauth scopes and I found the answer. In order to subscribe to the "checkouts/update" topic you need to have the read_orders scope as well as read_checkout.

I'm assuming this is because a checkouts becomes an order. Would be great if the docs for webhooks reflected what scopes are required!

davetron5000
Tourist
3 1 4

Seconded. It is very confusing to understand the relation between Events, Webhooks, and OAuth Scopes.  My default was to add all oauth scopes just so I didn't have to deal because it's time consuming to have to keep trying.  That's probably not the behavior we want to incentivize - we want to incentivize principle of least access.