A developer encountered an OAuth installation error (failed_grant_with_invalid_scopes) after upgrading to shopify-api version 2024-04, despite having correct scopes configured in their .env file.
Resolution Found:
unstable_newEmbeddedAuthStrategy from the shopifyApp configurationTroubleshooting Steps Suggested:
shopify app config link to create a config file linked to the production appshopify app deploy to push access scopes to Shopify (required for managed installation flow)shopify.app.toml match those in .envConfiguration Details:
The developer confirmed having a shopify.app.toml file with matching access scopes including: read_orders, write_metaobjects, read_metaobjects, write_metaobject_definitions, read_metaobject_definitions, write_files, read_files, read_themes, and read_products.
The issue appears related to the unstable authentication strategy rather than scope configuration itself.
When I upgrade shopify-api version to 2024-04, I failed to install my app. I checked all the scopes in my .env and it is all correct. Is it Shopify’s bug? Here is libraries’ version:
"@shopify/shopify-api": "^9.7.1",
"@shopify/shopify-app-remix": "^2.8.0",
I solved this by remove unstable_newEmbeddedAuthStrategy in shopifyApp config. May be the new OAuth strategy has some problems in shopify api version 2024-04
Few things to check:
shopify app config link to create a config file using your production app?shopify app deploy to deploy the access scopes ( and maybe extensions ) to the linked app?With the managed installation flow you have to push scopes to Shopify so it can do the auth for you.
Yes, I already have shopify.app.toml file with [access_scopes] as same as SCOPES in .env and using shopify app deploy to deploy app.
Here is my scopes in config file:
[access_scopes]
# Learn more at https://shopify.dev/docs/apps/tools/cli/configuration#access_scopes
scopes = "read_products,read_themes,read_files,write_files,read_metaobject_definitions,write_metaobject_definitions,read_metaobjects,write_metaobjects,read_orders"