It seems that the process for creating an access token for the GraphQL API has changed. The screens are different and the same options are no longer available. I’ve created an app through the Dev Dashboard and assigned all scopes. I’ve then installed the app on a dev store. When making a request to the API, I get;
[API] Invalid API key or access token (unrecognized login or wrong password)
This used to all work, and if I use old tokens on other stores, it still works. It’s something related to changes that have been made to Shopify. The one thing that stands out is that the old tokens start with “shpat_” and the new tokens start with “shpss_“.
I just need straight forward instructions on how to create an API token to allow external apps to access Shopify data.
The shpss_ value is actually your Client Secret, not an access token. To generate an access token for your Dev Dashboard app, you’ll need use the OAuth API to generate a token with the client credentials grant:
I just can’t see how this works. Every example I’ve read makes assumptions, such as the store owner being the one triggering an Oauth workflow which gives them a screen to authorise the external app.
Let’s take a really simplistic example. Let’s say that we have business partners on Shopify and they want to give us access to their stock levels. We have a server that calls a bash script via cron that uses curl to make an API request. How can the store owners generate a token that the bash script can use to make its requests?
Ok. That’s working. Thank you. One final question; is there an easy way to allow a user to create the app in Shopify with the appropriate access scopes, or will they need to follow our documentation and manually select the required scopes?
