Did you setup the correct API access scopes? Log in to your partner dashboard, go to the app section and select the app you are working on. Then head down to the API access section and check the configured scopes. It should look something like this:
Topic summary
Issue: After handling a Shopify webhook with authenticate.webhook() in a Remix 3.3.2 app, an Admin GraphQL request via admin.graphql(…) returns 401 (Unauthorized). The query targets discountNode using payload.admin_graphql_api_id.
Context and likely causes: A 401 suggests missing/insufficient API scopes or an invalid/expired access token or headers not being sent. The Admin GraphQL client should include headers automatically if configured, but token validity still matters.
Troubleshooting so far:
- Suggested to verify API access scopes in the Partner Dashboard (screenshot attached). The app currently only has read_discounts configured, which the author believes should suffice for the query.
- Provided an expanded example query (with inline fragments for various Discount types) to test.
- Recommended trying shopify app deploy to ensure proper configuration in a deployed environment.
- Advised confirming the authorization headers are present and the access token is valid and not expired.
Status: No confirmed resolution yet. Next steps are to validate headers/token at runtime and reconsider required scopes if the 401 persists. Discussion remains open.
