I have some weird access errors trying to mutate Customer metafields via a Customer Account extension. No matter what, in all POST requests I’m met with "Access denied for metafieldsSet field. Required access: access defined by each metafield input "ownerId" scalar's type in a "MetafieldsSetInput" field.\nFor example, setting a metafield on a "CUSTOMER" requires the same access as mutating a "CUSTOMER".\n"
I have no trouble fetching the metafield. It’s only mutations.
I have the following scopes set in both shopify.extension.toml and shopify.app.toml: customer_read_customers,read_customers,write_customers,customer_write_customers
@curzey it’s not documented well but our team ran into a similar issue and figured out that you can only set the Customer Account API access on app owned metafields (i.e. using the app reserved namespace). For merchant owned metafields, the access has to be set manually through the Shopify admin settings.
@Brett that sounds interesting, and possibly also true. Maybe @Kenza_Iraki can elaborate on this. But is that also relevant for Customer Account Extensions? I’m trying to keep it small an native to avoid external hosting etc.
@Kenza_Iraki I did not - it’s not a listed app. It’s just private custom distribution app for a client. Hell, as far as I am currently it’s just scoping and testing on a dev store / app
Maybe @Kenza_Iraki can elaborate on this. But is that also relevant for Customer Account Extensions? I’m trying to keep it small an native to avoid external hosting etc.
Yes - Brett is correct, if you’re creating the metafield from the admin, you need to set the correct access for that metafield in the Custom data settings.
Alright, two more ideas to try out from an engineer on my team:
You mentioned have the access scopes in your app toml file, but did you also run shopify app deploy and accept the new scopes from the shop you’re testing on?
Do you happen to be testing this on the customer accounts order status page in a pre-authenticated state?
I’m deffo working with a normally admin-created metafield. Generally I just need to store some custom Customer specific data that they need to be able to modify themselves.
I did deploy
I’m not in the pre auth state
And for the winner; my ignorance - I’ve totally forgot to open the app and accept new access scopes. I’ve just checked the app dashboard and noticed the access scopes listed there.
@curzey glad you were able to get that figured out here and it was simple solution! Sounds like what you were experiencing here is a bit of a different situation than we ran into.
When creating a non app-owned metafield via Admin API, we cannot set the Customer Accounts API access. We’re having to detect this and display a warning in our app to instruct the merchant to manually change the access setting through the Shopify admin settings if necessary.
When creating an app-owned metafield via Admin API, we can include the Customer Accounts API access setting and all works correctly.
Either way, once the access permission is set correctly actually writing to the metafield isn’t a problem so no issue there.
It’s been a couple of months since we’ve built this feature so it is possible something has changed or been updated here, but that was our experience with this.
@Kenza_Iraki Thanks for sharing! We were participating in the launch program for Customer Account Extensions so our features were all built out well before this.
I believe we may have missed this change with all of the other announcements and the customer account extension launch on that day, but I’ll make sure to pass this information on to our team to test and let you know if we experience any problems with it. Thanks again for flagging this.
Hi everyone, I have quite new at shopify dev and there’s a lot to go through. Anyway i’d like to better understand this topic as it matches my workflow.
I have an admin metafield attached to customer;
I have an extension customer account ui that i need to read/update that metafield. OR i suppose i could create this metafield attached to the app too. I just need to be pointed out to the correct direction. Thanks!
Hey Curzey, thanks for replying. I’ve been looking into the link you sent, as I hadn’t found this one - thanks!
One question that persists is - can my Customer UI extension use the metafield on Customer created in the Shopify Admin, providing that it has the proper permissions (read/write customers)?
UPDATE: After requesting the correct access_scopes it works : ) That link was very useful Curzey, thanks so much. I’m finding Shopify documentation to be out-dated and scattered around often.
