According to the AI assistant in the GraphQL docs, it appears that we do not need special permission scopes to access the query currentAppInstallation . However our apps use delegate access tokens to limit the exposure but it seems like a query will return 401 access denied. x-request-id to test is 874c2b61-4625-4dbf-959c-b4a39f30101f-1765326636
Query is:
query {
currentAppInstallation {
accessScopes {
handle
}
}
}
Again, query works with master token but not with delegate created while all supplied information suggests that it should.
Hi @Emre_StayAi,
I’ve actually looked into this behaviour previously, about a year ago, and I can confirm after discussing it with developers internally that this is expected behaviour that the delegate tokens do not have access to the currentAppInstallation query.
An alternative workaround would be to use the App.installation query instead, however that would require the delegate token to have the read_apps scope, which is only granted by request, and can only be added to custom apps specifically, we are unable to grant this scope for public apps.
If you’d like to request the read_apps scope for a custom app installed on a merchant’s store you’re working with, please do reach out to Shopify Support via the Shopify Help Center and we can help process that request. Otherwise, you will need to make the currentAppInstallation query with the parent token.