Await admin.graphql(query, input ); HttpResponseError: Received an error response (401 Unauthorized)

Shopify Discussion

Topic summary

A developer using Shopify’s Remix app template with App Theme Extension and App Proxy is encountering a 401 Unauthorized error when attempting to execute Admin GraphQL API calls.

Technical Context:

  • The error occurs when a button in the App Theme Extension is pressed
  • The endpoint uses await admin.graphql(query, input) to execute a MetafieldSet mutation
  • Authentication is attempted via await authenticate.public.appProxy(request)
  • The admin object prints successfully with API keys and secret keys, but the GraphQL query is rejected

Key Issue:
Despite the admin object containing proper credentials, authorization fails when the GraphQL mutation executes. The developer is following Shopify’s official documentation for app proxy authentication.

Status:
The developer is new to Shopify and seeking guidance on whether their App Proxy implementation approach is correct, as they’re uncertain about the proper authentication flow for this use case.

Summarized with AI on November 12. AI used: claude-sonnet-4-5-20250929.
1

Hello I am using Remix app template with App Theme Extension and App Proxy . For some reason I am unable to authorized any Admin API call when my embedded app component are being pressed.

Here is my endpoint file

export const action = async({request}) => {
    // param will get pass in like the following
    //  data = {product_id: 123}
    switch (request.method) {
        case "PUT": {
          /* handle "PUT" */
          // get the body data
          const data = await request.json()
          console.log(data)
          let query = `
          mutation MetafieldSet($metafields: [MetafieldsSetInput!]!) {
            metafieldsSet(metafields: $metafields) {
              metafields {
                key
                namespace
                value
                createdAt
                updatedAt
              }
              userErrors {
                field
                message
                code
              }
            }
          }
          `
          let input = {
            "metafields": [
              {
                "key": "wishlist",
                "namespace": "CP_app",
                "ownerId": "gid://shopify/Customer/7396475044125",
                "type": "json",
                "value": "{}"
              }
            ]
          }
          const { admin } = await authenticate.public.appProxy(request);
          const response = await admin.graphql(query, input );
          console.log(response)

          // append the data to the json metafield to a specific customer (likely by their id)
          // namespace: CP_app
          // key: wishlist
        //   console.log("request data", response)
          return json({"message": "item added"})
        }
        default: {
            return json({"message": "HTTP METHOD not suppported"})
        }
    }
}

Here is my Theme APP Extension test button file


{% schema %}
    {
      "name": "Test Button",
      "target": "section"
    }
{% endschema %}

Here is the output Log

WilsonNie_0-1706648984761.png
WilsonNie_0-1706648984761.png1383×965 30.9 KB

Anyone got an ideal why when the button being pressed the graphQL query is rejected due to authorization. but I’ve print out my admin object which contain my API keys and my API secret key

2

I am new to Shopify, If the way i am using the APP proxy is wrong please let me know. TBH i have no ideal what i am doing

3

This is the doc that i am using https://shopify.dev/docs/api/shopify-app-remix/v2/authenticate/public/app-proxy#example-admin