GraphQL Admin API - [API] Invalid API key or access token (unrecognized login or wrong password)

I randomly started getting this error recently and haven’t been able to figure out why:

ShopifyAPI::Errors::HttpResponseError ({
  "errors":"[API] Invalid API key or access token (unrecognized login or wrong password)",
  "error_reference":"If you report this error, please include this id: **2bcd0c9f-6c34-49c5-b2a3-05c448f6aa74-1738459181**."
})

My app is a Try Before You Buy app, it uses the 2024-01 API and all keys, secrets and scopes are correct after double checking them. There have been no major changes to the app recently.

Some extra logs that should help pinpoint what is causing the error:

The actual code that is triggering the error:

graphql_order = FetchOrder.call(id: @order.shopify_id)
# frozen_string_literal: true

class FetchOrder < ApplicationService
  attr_accessor :error

  FETCH_ORDER_QUERY = <<~QUERY
    query fetchOrder($id: ID!, $after: String) {
      order(id: $id) {
        id
        createdAt
        updatedAt
        closedAt
        cancelledAt
        clientIp
        name
        displayFinancialStatus
        displayFulfillmentStatus
        customer {
          email
        }
        note
        tags
        fullyPaid
        totalOutstandingSet {
          shopMoney {
            amount
          }
        }
        paymentTerms {
          id
          paymentSchedules(first: 1) {
            edges {
              node {
                dueAt
              }
            }
          }
        }
        paymentCollectionDetails {
          vaultedPaymentMethods {
            id
          }
        }
        lineItems(first: 10, after: $after) {
          edges {
            node {
              id
              image {
                url
              }
              quantity
              restockable
              unfulfilledQuantity
              title
              variantTitle
              sellingPlan {
                sellingPlanId
              }
            }
          }
          pageInfo {
            hasNextPage
            endCursor
          }
        }
        totalPriceSet {
          shopMoney {
            amount
          }
        }
      }
    }
  QUERY

  def initialize(id:, after: nil)
    super()
    @Id = id
    @after = after
    @session = ShopifyAPI::Context.active_session
    @Client = ShopifyAPI::Clients::Graphql::Admin.new(session: @session)
  end

  def call
    variables = {
      id: @Id,
      after: @after
    }

    response = @Client.query(query: FETCH_ORDER_QUERY, variables:)

    unless response.body["errors"].nil?
      raise response.body.dig("errors", 0, "message") and return
    end

    response
  rescue ActiveRecord::RecordInvalid, StandardError => e
    Rails.logger.error("[FetchOrder Failed]: #{e.message}")
    @error = e.message
    raise e
  end
end

I reached out to the original founder of this app who intelligently pointed out that uninstalls could be causing the issue. Once I added more logging to find out which shops were getting affected, it turned out that most, if not all, of the errors were caused by shops that no longer used the app.

I’m accepting this as the “solution” and leaving the thread up since there’s a myriad of these threads, all with different answers. We should definitely get some better error messaging for this though. It’s incredibly vague when it doesn’t need to be. Even digging through the public Gems, it pointed to either a 429 or 500 HTTP error which didn’t help much.

Double checked the logging now that more informative logs were added and it appears the errors are also happening for shops still using the app.

Any of these store previously uninstall and reinstalled the app?

Also, Did you update the Secret key of your app?