Shopify App Development: "Access denied for orders field" Error Resolution Request

:hammer_and_wrench: Development Environment

  • Framework: Remix + TypeScript + Shopify CLI
  • Execution Method: shopify app dev (local development)
  • App Type: Public App (development)
  • Shopify CLI Version: [Check version: shopify version]

:police_car_light: Problem Description

Getting the following error when querying order data via GraphQL Admin API:

Access denied for orders field.

:clipboard: Attempted Solutions

:white_check_mark: Completed Tasks:

  1. Scope Configuration Verified

```toml
# shopify.app.toml
[access_scopes]
scopes = "read_orders,write_orders,read_products"
```

  2. Environment Variables Set

```env
SCOPES=read_orders,write_orders,read_products
```

  3. App Reinstallation Completed
  • Restarted shopify app dev
  • Reinstalled app using new installation URL
  • Confirmed order access permissions in authorization screen
  4. GraphQL Query Verified

```graphql
query getOrders($first: Int!) {
  orders(first: $first) {
    edges {
      node {
        id
        name
        displayFinancialStatus
        displayFulfillmentStatus
      }
    }
  }
}
```

:laptop: Current Code

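```typescript
import { json } from "@remix-run/node";
import type { LoaderFunctionArgs } from "@remix-run/node";
// Assumed path: the module where the Shopify Remix app template exports `authenticate`.
import { authenticate } from "../shopify.server";

export const loader = async ({ request }: LoaderFunctionArgs) => {
  // Authenticate the admin request and get a GraphQL client for the shop.
  const { admin } = await authenticate.admin(request);

  const response = await admin.graphql(`
    #graphql
    query getOrders($first: Int!) {
      orders(first: $first) {
        edges {
          node {
            id
            name
            displayFinancialStatus
          }
        }
      }
    }
  `, { variables: { first: 10 } });

  // "Access denied for orders field" error occurs here

  // A loader must return a response; pass the parsed GraphQL body through.
  return json(await response.json());
};
```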

:magnifying_glass_tilted_left: Error Log Details

```javascript
errors: {
  networkStatusCode: 200,
  message: "GraphQL Client: An error occurred while fetching from the API. Review 'graphQLErrors' for details.",
  graphQLErrors: [Array],
  response: Response {
    status: 200,
    statusText: 'OK',
    headers: Headers {
      'x-shopify-api-version': '2025-01',
      // ... other headers
    }
  }
}
```

:red_question_mark: Questions

  1. Local Development Environment: Why is orders data access denied even when running with shopify app dev?
  2. Development Store Settings: Are there additional permissions or configurations required for development stores?
  3. Shopify CLI 3.x: Are there any special considerations for Shopify CLI 3.x versions?
  4. Partners Dashboard: Are there any additional settings required in the Partners Dashboard?

:magnifying_glass_tilted_left: Additional Information

  • products query works fine in the same environment
  • Confirmed test orders exist in the development store
  • Browser network tab shows only permission errors in GraphQL responses
  • HTTP request returns 200 OK but contains GraphQL errors in response body

Looking for quick resolution from anyone who has experienced this issue! :folded_hands:


:sos_button: Specific Help Needed

  • Understanding why local development apps can’t access orders despite proper scopes
  • Identifying missing configuration steps for Shopify CLI apps
  • Best practices for debugging GraphQL permission issues in development environment

Orders and customers are PII protected fields.

In your app in the Shopify Partner Dashboard, open the API Access section and make sure you fill out the questionnaire to access order and customer protected data.

If your app is unpublished, then access will be granted immediately which will unblock you from developing.

Thank you for your response.
However, I can’t find the API Access menu on the dashboard either. It’s not a menu that has been removed, is it?
I configured the settings in Admin API integration under Apps and sales channels… is this different from what you mentioned?
I would really appreciate it if you could let me know once more.

No, I’m not referring to the OAuth access scopes for reading/writing orders.

There is a dedicated section on the Partner Dashboard for your app’s Protected Data access status.

You’ll need to fill out a draft for your development app to have access to Protected Data like customer and order details.

More details here in the docs: Work with protected customer data
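
The distinction made in the replies above (granted OAuth scopes versus Protected Data access), as an added example that is not part of the original thread or Shopify's own code: it reads the `errors` array of a 200 OK GraphQL body and reports whether the denied field's scope was granted at all. The type and function names are hypothetical, the sample body is constructed from the error message quoted in the question, and mapping a field name to `read_<field>` is an assumption.

```typescript
// Added example: type and function names are hypothetical; sample data is constructed.
interface GqlError { message: string; path?: (string | number)[] }
interface GqlBody { data?: unknown; errors?: GqlError[] }
type Cause = "scope_not_granted" | "scope_granted_check_protected_data";
interface Finding { field: string; neededScope: string; cause: Cause }

// Split a comma-separated scope string such as the SCOPES value from the post.
function parseScopes(csv: string): Set<string> {
  return new Set(csv.split(",").map((s) => s.trim()).filter((s) => s.length > 0));
}

// A write_* scope implies the matching read_* scope.
function hasReadAccess(granted: Set<string>, resource: string): boolean {
  return granted.has(`read_${resource}`) || granted.has(`write_${resource}`);
}

// HTTP 200 can still carry errors, so the body is inspected, not the status.
function diagnoseAccess(body: GqlBody, grantedCsv: string): Finding[] {
  const granted = parseScopes(grantedCsv);
  const findings: Finding[] = [];
  for (const err of body.errors ?? []) {
    // Message shape taken from the error quoted in the post.
    const field = /^Access denied for (\w+) field/.exec(err.message)?.[1];
    if (!field) continue; // not an access-denied error
    // Assumption: the denied field name equals the resource part of the scope.
    findings.push({
      field,
      neededScope: `read_${field}`,
      cause: hasReadAccess(granted, field)
        ? "scope_granted_check_protected_data"
        : "scope_not_granted",
    });
  }
  return findings;
}

// Constructed response body: status was 200, the denial is in `errors`.
const sampleBody: GqlBody = {
  data: null,
  errors: [{ message: "Access denied for orders field.", path: ["orders"] }],
};
// Scopes as configured in the post: the scope is there, so look at protected data.
const withScope = diagnoseAccess(sampleBody, "read_orders,write_orders,read_products");
// Constructed contrast case: no order scope was granted.
const withoutScope = diagnoseAccess(sampleBody, "read_products");
console.log(withScope, withoutScope);
```

A `scope_granted_check_protected_data` result means reinstalling or changing scopes will not help; the remaining gate is the Protected Data access status described in the replies.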