Topics covering webhook creation & management, event handling, Pub/Sub, and Eventbridge, in Shopify apps.
I'm writing a new app and I want to register for the "checkouts/update" webhook topic. I send the following request:
webhook:{
topic: 'checkouts/update',
address: 'https://xxxx/webhooks/checkouts/update',
format: 'json'
}
but I get a 422 response with the message "'Invalid topic specified. Topics allowed: app/uninstalled, shop/update'".
As part of app installation I have the following scopes: "read_checkouts,write_checkouts"
I'm finding very little in the way of documentation around what scopes are required for the various webhook topics, however some blogs + older ecommerce university articles I've found have mentioned that for X/update topics you generally nead read_X but I'm not sure what I've missed for only the 2 topics returned to be the only ones available.
40 mins adding and removing various oauth scopes and I found the answer. In order to subscribe to the "checkouts/update" topic you need to have the read_orders scope as well as read_checkout.
I'm assuming this is because a checkouts becomes an order. Would be great if the docs for webhooks reflected what scopes are required!
Seconded. It is very confusing to understand the relation between Events, Webhooks, and OAuth Scopes. My default was to add all oauth scopes just so I didn't have to deal because it's time consuming to have to keep trying. That's probably not the behavior we want to incentivize - we want to incentivize principle of least access.