I want to ask why app has been rejected repeatedly

Shopify Apps

Topic summary

Repeated app review rejections are centered on Shopify API scopes, especially whether the requested permissions are justified by the app’s actual features. The app developer says five review submissions were rejected, and reviewers then required a two-week wait before another submission.

Key issue:

  • The app requested read_all_orders, read_orders, and read_products.
  • Review feedback said the app exceeds the API permissions it applied for, but the explanation was too brief for the developer to understand what functionality must be shown to justify those scopes.
  • The developer is seeking clearer reviewer guidance and a way to ask specific questions.

Most relevant reply:

  • Another developer notes that read_all_orders is particularly difficult to get approved.
  • They reference Shopify documentation explaining order permissions, and say they changed their own app plan to avoid read_all_orders, limiting the app to orders created after installation instead of historical orders.

Current status:

  • No clear resolution was provided.
  • The original poster is still trying to communicate with the reviewer to get the app approved and listed.
Summarized with AI on March 8. AI used: gpt-5.4.
1

I am a Shopify application developer. After the first version was completed, I initiated five application audit requests, but they were all rejected. Recently, the auditor reminded me My app has been audited too many times, so I have to submit it again two weeks later. The reason is that my app exceeds the API permission I applied for, but the auditor’s prompt is too simple, so I can’t understand why it is so. I just applied for read_ all_ orders, read_ orders , read_ Products, three scopes, and have been used in my application.

I want to know what specific functions my application needs to reflect when I apply for these three scopes,Can any auditor see my request? If so, please provide your email. I have some specific questions to ask you.

I wonder if the great God has solved my doubts. I can’t help but thank you。

2

The read_all_orders permission seems to be a tricky one.

https://shopify.dev/tutorials/authenticate-a-public-app-with-oauth/#orders-permissions

I am currently building an app as well in which the read_all_orders permission was needed as per the initial plan but later I changed my mind not to use it after reading the complications. So my app is now planned to serve only for the orders that come in after the app is installed in the shopify store and does not support older orders for now.

Note : I am yet to initiate an approval request, hope this helps.

3

thank u very much ,I’m still trying to communicate with the auditor so that my application is on the shelf

1 Like