Developers are encountering errors when requesting granular API scopes via the /admin/request_granular_access_scopes.json endpoint after updating their API versions. The primary issue involves receiving “Access scope is invalid” errors for certain scopes that were previously granted.
Affected Scopes:
write_merchant_managed_fulfillment_orders (needed for fulfillment creation)
read_home, read_apps, write_apps
Various fulfillment-related scopes: read/write_assigned_fulfillment_orders, read/write_merchant_managed_fulfillment_orders, read/write_third_party_fulfillment_orders
Additional scopes: read_disputes, read_payment_mandate, notification and script-related scopes
Key Pattern:
The error appears specifically when API keys have been granted at least one of the problematic scopes (write_apps, read_apps, read_home). The issue affects custom app integrations and varies by store, with some stores accepting the requests while others reject them with the same scope combinations.
Current Status:
Shopify support suggests some mentioned scopes have restrictions and recommends contacting Partner Support specialists directly to verify scope assignment eligibility. The discussion remains open with developers seeking workarounds to avoid manually contacting each affected client.
Summarized with AI on November 21.
AI used: claude-sonnet-4-5-20250929.
I work as the maintainer of an app in your app store.
We have recently updated the API-version for our app from 2022-04 to 2022-07.
Since we create fulfillments we have requested the granular scope write_merchant_managed_fulfillment_orders for each of our installed apps because of this, both apps installed using the app in the app store, and all customs apps using the same integration on our end before we hade the app in app store.
For some of the custom app integrations we are unable to request the necessary scope.
When calling /request_granular_access_scopes.json with
We are experiencing something similar when attempting to request fulfillment-related scopes using the /admin/request_granular_access_scopes.json endpoint. In our situation, we have many customers who configure our application to use the Shopify API to connect to each of their own stores, so we need to request these scopes for any number of stores. For many of those stores the request succeeds, but for some it fails with the “Access scope is invalid” message. And the list of invalid scopes varies by store, but all returning some combination of the following: read_disputes, read_payment_mandate, read/write_apps, read/write_notifications, read/write_admin_notifications, read/write_scripts, read/write_social_network_accounts, read/write_checkout_settings.
Our question is similar to the original poster’s: do we need to contact each customer to have them update scopes on their side? Further, our own test store doesn’t show any of these scopes, so it’s not clear that they would necessarily show up in customers’ accounts–should we expect the scopes would show up in customers’ stores? And finally, why would these scopes be considered invalid when we’re requesting fulfillment-related scopes?
For reference, these are the scopes we’re requesting: read/write_assigned_fulfillment_orders, read/write_merchant_managed_fulfillment_orders, read/write_third_party_fulfillment_orders.
HI @BW-3PL some of those scopes you have mentioned have restricted and limited scopes. We would recommend reaching out directly to our Partner-Support specialists to check if you can assign those to your app. Hope this helps!