Shopify started sending 403 api has been disabled when authenticating

Retired Boards Appdev Extensions
,

Topic summary

Issue: Shopify API returns 403 “API access has been disabled” during authentication, including error ID e0c11cad-b507-431c-bd58-fb115bdca33a. The failure occurs when calling validateAuthenticatedSession (internally hasValidAccessToken) using code taken from the updated documentation.

Scope and impact: Ongoing for about two weeks across all clients, affecting both development and production environments. The problem impacts all current customers.

Environment and versions:

Actions taken: Updated all dependencies to the latest versions but the error persists. Code aligns with Shopify’s documentation.

Notes: 403 is an HTTP “Forbidden” status; “API access has been disabled” indicates blocked access at authentication.

Status: Unresolved; assistance requested. No decisions or fixes reported yet.

Summarized with AI on January 26. AI used: gpt-5.
1

I have an application that for 2 weeks already is receiving 403 api from shopify,
API access has been disabled.
If you report this error, please include this id: e0c11cad-b507-431c-bd58-fb115bdca33a

This is thrown when calling validateAuthenticatedSession (internally function hasValidAccessToken). This code was taken using an updated code from documentation.
This is happening for all our clients (both development and production).
I tried updating all dependencies to latest shopify version to no avail.

“@shopify/shopify-api”: “7.2.0”,
“@shopify/shopify-app-express”: “2.1.2”,
“@shopify/app-bridge”: “3.7.7”,
“@shopify/app-bridge-utils”: “3.5.1”,
“@shopify/shopify-app-session-storage-mysql”: “1.1.6”,
“@shopify/app”: “3.46.1”,
“@shopify/cli”: “3.46.1”
Any assistance would be greatly appreciated, as this is effecting all current customers.

2 Likes