{"errors":"[API] Invalid API key or access token (unrecognized login or wrong password)"

I’m using a private app to generate the api key and password

I have used the url to call the api, but getting invalid url.

https://api:password@mystore.myshopify.com/admin/api/2019-04/orders.json

When I remove the api keys from the url, however keep the “search.json” at the end of the url I get an error. So the url I get the error with is:

https://mystore.myshopify.com/admin/api/2019-04/customers/search.json

When I remove the" “search.json” at the end and my url becomes:

https://meshedstore.myshopify.com/admin/api/2019-04/customers/

I get a good response, however I would like data in JSON format because I am using the chatbot service called Manychat and they can only read data in JSON format.

What I am trying to do, is from manychat, call out to Shopify to search for a customer in the store by name, then display back into manychat the orderstatus, fullfilled, the tracking number, the URL for tracking

I have attached some screenshots

This screenshot, I used the URL without the api key and passoword in the URL, but it is on the headers page

11.JPG1020×622 34.3 KB

This Screenshot shows the response headers jargon

22.JPG1017×621 60.8 KB

33.JPG1009×561 35 KB

This is where I get a good response back, however I’ve removed the very end of the api key"search.json", and of course it doesn’t really return the data that I would like.

44.JPG1028×622 45.9 KB

HI Triston,

From this point, I assume that, you have resolved the “Invalid API Key or Token issue as you are receiving the data”.

As for the other query, from the documentation, I think you are looking for this endpoint -

/admin/api/2019-04/customers.json

to retrieve all the customers. Important to note is that this call is paginated, so you get a maximum of 250 results in a page & then query the next page like this -

/admin/api/2019-04/customers.json?page=2 & so on.

You can get the count of all customers with this endpoint -

/admin/api/2019-04/customers/count.json

If there are more than 250, you may want to query the next page.

Thanks

Hi,

The “Invalid API Key or Token issue” is only technically resolved only once I remove the “ /admin/api/2019-04/customers.json” from the URL I am using to call out to shopify. This however doesn’t return the data I am seeking.

If I use “https://mystore.myshopify.com/admin/api/2019-04/“ the call works, as I put the API key and password into the headers, but again, doesn’t return the data I am seeking. From following the documentation, I should be using “https://myapikey:myapipassword@mystore.myshopify.com/admin/api/2019-04/customers.json” for example and this URL gives me the error.

All I am trying to do is: use manychat to call to shopify, get the status of an order, then spit it back to manychat.

Hi,

First thing first, make sure that you are copying the key & Password from here -

https://_YOUR_SHOP_NAME.myshopify.com/admin/apps/private/

Besides,

https://apikey:password@myshopdomain.myshopify.com/admin/api/2019-04/orders.json?status=any

https://apikey:password@myshopdomain.myshopify.com/admin/api/2019-04/orders.json

https://apikey:password@myshopdomain.myshopify.com/admin/api/2019-04/orders/order_id.json?fields=id,name,fulfillment_status,financial_status

where order_id is the actual order id you are querying.

All of the above works for me everywhere, the browser, the POSTMAN, Python shell, PHP, Node.js, etc.,

Make sure that you have copied the Key & Password as well as the scope correctly & you have the orders in your store to query though this has nothing to do with 404 or incorrect api key or password.

If still doesn’t work for you, it would be nice, if you could share the steps you are following.
Thanks

Just a point - you need to include the API KEY & Password as a part of URL & need not to send as headers.

Hi,

Thanks for you time.

The URL works for me as well in my browser, it returns data. However, in Manychat is where it displays invalid URL.

It may be as simple as the request headers not being inputted correctly.

Do you have any experience with manychat as a software to shed some light how my request headers should be structured?

Hi,

I do not have experience with Manychat, however, if it is a GET request to shopify, you do not need any additional headers.

Are you able to make a request on POSTMAN? Can you share something?

The URL should look something like this -

https://{YOUR_API_KEY_HERE}:{YOUR_API_PASSWORD_HERE}@SHOP_NAME.myshopify.com/admin/api/2019-04/orders.json

Please use this & let me know if you are able to sort it out in POSTMAN.

Thanks

I am facing same issue while calling this api -

API

https://<>.myshopify.com/admin/api/2019-10/customers.json

HEADER

[“Content-Type: application/json; charset=utf-8”,“Accept: application/json;”,“X-Shopify-Access-Token: <>”]

REQUEST

{“customer”:{“first_name”:“Hello Dev",“last_name”:“”,“email”:"devsdatest@notify.com”,“phone”:“566655446”,“verified_email”:true,“send_email_invite”:true}}

RESPONSE

[API] Invalid API key or access token (unrecognized login or wrong password)"}

Can you please help me in this

Hi

Have you got any solution for this, i am also facing similar issue

Hi

[email removed]

I can able to get a response using postman

I am using React Native after integrating with application getting a response a follows

Object {
“errors”: “[API] Invalid API key or access token (unrecognized login or wrong password)”,
}

return axios
.get(
“[email removed]
)
.then(function(response) {
// handle success
console.log(response);
// this.setState({ dt: response });
})
.catch(function(error) {
// handle error
console.log(error);
})
.finally(function() {
// always executed
});

Can you help me with this issue to resolve it

I am replacing with api key and api password with api key and api secret not sure still am getting the same error

Hi All,

I am also facing the same issue.

Can you please guide me how to resolve this issue.

Thanks,

i have the same issue first in the .env file give api scope for read_orders then if your app is already installed then you should update your app of uninstall app then install and give X-Shopify-Acess-Token in the header i have done the same thing to solve this problem

It works almost everywhere, except some “special” clients, so in case someone needs this in the future, here is the solution https://shopify.dev/tutorials/authenticate-a-private-app-with-shopify-admin#:~:text=Basic%20authentication,to%20connect%20with%20your%20app.

1. Join the API key and password with a single colon (:).

2. Encode the resulting string in base64 representation.

3. Prepend the base64-encoded string with Basic and a spaceadd this as header: Authorization: Basic NDQ3OGViN2FjMTM4YTEzNjg1MmJhYmQ4NjE5NTZjMTk6M2U1YTZlZGVjNzFlYWIwMzk0MjJjNjQ0NGQwMjY1OWQ=

Having a similar issue but a bit confused - I have no API password.

when creating my app i was given an API access token, API key and secret key - there’s no password.

is this for older versions of apps?

Hi,

In postman, it is working fine with that URL but while using local host (using intellij code), it is showing 401 unauthorized.

i used this configuration

ecohome_1-1669085606023.png1057×689 24.2 KB

and result was

ecohome_2-1669085675523.png1061×691 30.5 KB

is the url https://_YOUR_SHOP_NAME.myshopify.com/admin/apps/private/ still valid. When adding in my info with this URL I get a 404 page. I have created an app I have the API keys but not 100% sure of the password. I only have access to a secret key.

Hi @champ_jrdz,

Private apps have been deprecated in favour of Custom Admin apps and the authentication now uses and access token. You can read more about this in our development doc on Access Tokens for Custom Apps in the Shopify Admin.

Hope that helps.

Hey, if someone is still facing issues with 401, also do check your shop name, and the domain, for eg: i was missing hyphens in my store name, i was sending request to FirstLast whereas the domain/shop-name was first-last. So be wary of that, send request using the hypened url. I hope this helps