REST and GraphQL APIs permission discontinuity

Hi there,

we are definitely migrating from REST API to GraphQL API, as recommended by Shopify.

However, there is a field that has always been available with REST API with no permissions and that now requires new permissions. It is the “shop.password_enabled” field in REST API. In GraphQL API, instead of belonging to the “Shop” object like in REST, it belongs to the “OnlineStore” object and it requires a new “read_online_store” permission.

Could you include in the Shop object with no new permissions to maintain backward compatibility? It will make the migration very complex if we have to ask new permissions to thousands of merchants. Moreover, this field is not to access online store data, it is just to know if there is password protection or not.

Thanks and kind regards.

2 Likes

I agree with you. I am also seeing permission compatibility issues moving from REST to GraphQL. It would be great if there was a migration process that Shopify could do for us behind the scenes

1 Like