Custom app’s Orders API call fails with “[API] This action requires merchant approval for read_orders scope,” despite the app listing read_orders and write_orders.
Likely cause: the merchant didn’t grant the updated scopes, or the access token doesn’t include them. “Scopes” are API permissions that must be explicitly approved during app install.
Suggested steps:
Verify granted permissions in Shopify Admin > Apps > Your app > Permissions to confirm read_orders/write_orders are approved.
Uninstall and reinstall the app after changing Admin API scopes to trigger a new consent flow and issue a token with the correct scopes.
Ensure the request uses the correct, current access token associated with those scopes.
Test another endpoint (e.g., Products with read_products) to isolate whether the issue is specific to Orders.
No confirmed resolution yet; the issue remains open pending reinstallation/permission verification and token check.
However it keeps failing with error “[API] This action requires merchant approval for read_orders scope”. This makes zero sense, as I have added the read_orders and write_orders permission on my custom app. What else is there to do for the access token to actually work?
Greetings from flareAI app helping Shopify merchants get $6Million+ in sales from Google Search, on autopilot! I am Gina, and I am here to help.
If you have added the read_orders and write_orders permissions to your custom app and you’re still getting the error message that the action requires merchant approval for read_orders scope, then it’s possible that the user who installed your app has not granted your app the necessary permissions.
Here are a few steps you can take to resolve the issue.
Check the installed app’s permissions
You can check if the user has granted your app the necessary permissions by going to the Shopify admin dashboard, clicking on Apps, and then clicking on your app. Under the “Permissions” section, you should see the read_orders and write_orders permissions listed. If they are not listed, then the user did not grant your app these permissions during the installation process.
Re-install the app
If the necessary permissions were not granted during the installation process, you can ask the user to uninstall the app and then re-install it. During the installation process, make sure to prompt the user to grant your app the read_orders and write_orders permissions.
Check the access token
If the user has granted your app the necessary permissions, double-check that you are using the correct access token in your API request. You can find the access token in the Shopify admin dashboard under Apps > Manage private apps > your app name > API credentials > API key.
Try a different request
If you’re still having trouble, try a different API request to see if the issue is specific to the read_orders scope. For example, try making a request to the products endpoint with the read_products scope.
I hope this helps you resolve the issue with your access token not working for the read_orders scope.