Hi Guys,
I am facing an issue with direct API Access, below the scenario:
- We use it on our app, to fetch some resources (Products for example).
- We have requested collaborator access to the merchant in order to do some testing, and we don’t have Products permissions.
- When we try to manipulate the app & logged in using collaborator access, we get an error on the query saying that we don’t have read_products scopes, even the app does have this scope.
Is this relevant? I mean why it prevents the app from fetching those resources even it has scopes.
Does any one faces this before?
This is the response we get, even we got all those scopes:
Access denied for preview field. Required access: `read_products` access scope, `read_files` access scope or `read_images` access scope.
The query:
query($query: String!, $sortKey: FileSortKeys!) {
products(first: 10) {
nodes {
id
}
}
files(first: 10) {
nodes {
id
alt
preview {
status
image {
url
}
}
}
}
}
Thanks
1 Like
Hey @Mohamed_EL ,
Thanks for sharing that.
In your above query, are you looking to retrieve the files associated with the returned products? The reason I ask is because the above query is fetching the first 10 products and the first 10 files, but not necessarily the 10 files associated with the products. If you want the product files, you should include the media connection instead. Product - GraphQL Admin
If you do want separate requests, the error returned looks to be specific to the preview field .
Can you test and remove the preview fields and see if that will work?
I would also recommend adjusting your query and use fragments for the media types. You can add and remove the different types to try and narrow the error down to a specific resource: File - GraphQL Admin
There may be a specific file type being returned that your app doesn’t have access to.
Let me know if the above troubleshooting steps help clear this up, or at the least help narrow down where the scope discrepancy is occurring.
Hi @KyleG-Shopify,
Thank you for your response.
On the query I shared I wanted to fetch them separately.
the issue it happens only when we are on collaborator access without having the permissions to those resources on the account.
Else if the user has that permission it works fine.
I am thinking if it is because we use Direct API access, it uses the token for the authenticated user.
As well I will look into using fragments to optimize the query.
Thanks
Mohamed
It sounds like you’re using an online access token, since that will limit permissions to the logged in user.
You can resolve this by updating your configuration file to:
direct_api_mode = "offline"
and if you have an embedded app,
embedded_app_direct_api_access=true
Hey @Mohamed_EL , did the above help unblock you here?
Hi @KyleG-Shopify
Thank you very much for your help.
That works for me.
Thanks
1 Like