Is there any documentation with recommended paths forward to replace the now-deprecated custom app functionality? I feel like I’m missing something since there seem to be gaping holes between the old custom app and new dev dashboard functionality.
I regularly use custom apps to get single store, API-only access to both the Storefront and Admin APIs. This is super easy, very clear what scopes are granted, etc.
Storefront API → Sounds like the intention is that you instead install the Headless app to manage all Storefront API access? Otherwise you need to make manual requests to generate the token, etc.
Admin API → Really unclear how this is supposed to work. Sounds like I need to manually get an access token using a client credentials grant? But that says it only lasts for 24 hours which isn’t practical for use in, for example, Shopify Flow.
I’m not 100% sure if for the Storefront API you are required to use the Headless app, but for the Admin API when using the client credentials grant flow you would need to refresh the access token and replace before the 24 window closes. Is your concern that during the switch calls could fail?
My concern is that I need an access token that doesn’t expire. I need one that I can generate and continue to use indefinitely.
As practical example, I frequently need this to access data in Shopify Flow, which has no mechanism to save a new token, even if I could implement a client credentials grant, which isn’t really practical in that context.
Hi Andrew! The Flow team is aware that the MCA token deprecation will affect folks using the “Send HTTP request” action to call the Shopify GraphQL Admin API and we’re actively working to add support for client credentials grant to address that.
We’re also working to add support for most of the more commonly used fields that require arguments, which are a common use case for using the “Send HTTP request” action to call the Admin API.
Can I ask which use cases you have for calling the Admin API via HTTP request in Flow instead of using natively available options?
Get data that isn’t available via an action. Recently I used this to get gift card data although I see that’s now available as an action (possibly I missed it) - so this may be less of an issue going forward. Certainly using native actions is a lot nicer than having to make and parse API requests.
Making complication mutations. For example I currently have a flow that runs a variable number of aliased metaobjectUpdate mutations plus a customerUpdate and orderUpdate in a single request. This keeps things a lot tidier in Flow (1 HTTP action vs 3+ and a loop), and make it possible to chain actions reliably. Determine changes required > Make changes via API > Then do something else. If there was a generic “custom Admin API” action where I could set the body and variables directly, instead of picking from the predefined list, then that would eliminate this issue.
As a temporary workaround, you can use the Execute GraphQL request action from the Flow Companion app, if you don’t mind using third-party applications.
When the issue is resolved, you’ll be able to switch back to the Send HTTP request action or to the new Admin API actions that @RPiii is talking about.
The Flow team is aware that the MCA token deprecation will affect folks using the “Send HTTP request” action to call the Shopify GraphQL Admin API and we’re actively working to add support for client credentials grant to address that.