Fulfillment service creation fails with 'Access denied for location field' despite correct scopes and fresh install

Markus · June 9, 2025, 9:25am

We’re developing a Shopify Fulfillment Service app using the fulfillmentServiceCreate mutation via the Admin GraphQL API. The mutation fails with the error:

Access denied for location field. Required access: read_locations access scope, read_inventory access scope or read_markets_home access scope.

The mutation we send includes a locationId, and we also query fulfillmentService { id location { id } } in the response.

The app is built with @shopify/shopify-app-remix, using unstable_newEmbeddedAuthStrategy: true. All required scopes are declared in both the .env and shopify.app.toml, including read_locations. The app has been freshly installed on a development store after full uninstallation. The OAuth flow appears to complete successfully, and other queries work.

We have also verified that read_locations is listed in the configured scopes in the Partner Dashboard.

Despite this, the same GraphQL mutation consistently fails when accessing the location field in the response. The fulfillment service is not created.

Is there any known issue with access to location in this context or with scope propagation during reinstallation?

KyleG-Shopify · June 9, 2025, 9:26pm

Hey @Markus, I’m happy to take a look in to this with you.

Can you confirm that the store has approved the read_locations access scopes?

{
    currentAppInstallation {
        accessScopes {
            handle
        }
    }
}

Another thing to check is in your app configuration file, make sure you have enabled direct API mode https://shopify.dev/docs/apps/build/cli-for-apps/app-configuration#access.

Markus · June 10, 2025, 8:47am

Hi Kyle from what i can see the scopes are approved . the wstarange thing is all write sopes are there bur all read scopes are not. We build a debug to check the installation scopes and it gives back all the scopes in the toml but the session scopes are only the write scopes.

KyleG-Shopify · June 10, 2025, 5:53pm

That is strange. Can you share your current app toml file (please redact identifying information like app id, url, etc)?

Can you also check the latest release in the version tab of the partner dashboard. You can double check the current scopes deployed with your app version.

Topic		Replies	Views
2024-07 read_locations scope required - backfill request GraphQL Admin API Troubleshooting rest-migration , general-gql-troubles	16	274	April 2, 2025
Access denied for shopifyPaymentsAccount field. Required access: the `read_shopify_payments` or the `read_shopify_payments_accounts` access scope GraphQL Admin API Troubleshooting general-gql-troubles	1	138	January 20, 2025
Unable to test Fulfillment Constraint Functions general-functions	12	71	February 14, 2025
How to update access scope for a live app on Shopify App store Partner Discussions app-store , dev-stores	5	47	May 13, 2025
Unable to create Fulfillment from FulfillmentOrder GraphQL Admin API Troubleshooting general-gql-troubles	4	311	February 1, 2025

Fulfillment service creation fails with 'Access denied for location field' despite correct scopes and fresh install

Related topics