Webhook + admin api + order create

Hi,
I am helping a client build a method /webhook that edits the orders object whenever a new order is created, I got the webhook working well, but when i go to call the admin api for graphQL in the event hook event it doesn’t work.

Screenshot 2024-12-30 at 1.26.21 PM1932×1824 434 KB

Line 36 is when the issue occurs, is this the correct way to build a simple script that mutates/edits the order object whenever a new order is created?

it doesnt find he admin object after deconstructing

// Authenticate webhook and parse the shop and topic
const { shop, topic, payload, admin} = await authenticate.webhook(request);

Please help my client needs this asap

P.S
I tried converting the remix app to use a mysql db but it broke my app and webhook. I am just lost what I want to do is simple but I am having infrastructure issues

Is there any error message? Can you share it?

it doesnt find he admin object after deconstructing

// Authenticate webhook and parse the shop and topic
const { shop, topic, payload, admin} = await authenticate.webhook(request);

First off, I assume you’re using the Shopify Remix app template, just based off of the short snippet of code you shared.

The authentication of both session tokens and webhooks relies on the Session manager. There are different session adapters available, some are managed by Shopify but others can be custom to support other databases like MongoDB.

Which session adapter are you using for integrating the Shopify package to your database?

The problem might be that your session manager isn’t loading the session properly. If the Shopify NPM package cannot find your session, then admin will be undefined. Please see this line here:

What should i do with that snippet of code?

Someone told me that the auth for webhooks and admin are different, via they are separate application .

So i fixed the issue kinda, i created another route called api/test

if im using a clean loader without an auth (request token) the get api/test works fine, but when i add a. request param it doesnt work and throws 410 error why might this be. it isnt even hitting the end point. am i missing something?

export const loader = async ({ request }) => {
    const {admin} =await authenticate.admin(request);
    if(admin){
        console.log("we got data")
    }
   
    const obj = {
        reponse: "ok"
    }
    return obj;
  };```

I did a quick test using a newly created remix app (created with shopify app init). I then added the following scope and webhook to my shopify.app.toml:

  scopes = "read_orders"

  [[webhooks.subscriptions]]
  topics = [ "orders/create" ]
  uri = "/webhooks/orders/create"

Then created the file app/routes/webhooks.orders.create.jsx with the following content:

import { authenticate } from "../shopify.server";
export const action = async ({ request }) => {
  const { shop, topic, payload, admin } = await authenticate.webhook(request);

  console.log(`Received ${topic} webhook for ${shop} with payload: ${JSON.stringify(payload, null, 2)}`);

  if (admin) {
    const response = await admin.graphql(
        `#graphql
        query {
            orders(first: 10) {
                edges {
                node {
                    id
                    updatedAt
                }
                }
            }
        }`
    );
    
    const orders = await response.json();
    console.log(`GraphQL response data: ${JSON.stringify(orders.data, null, 2)}`);
  }

  return new Response();
};

This successfully logged the webhook being received, as well as the response from the GraphQL with the orders for the shop. You should be able to hopefully use this as a rough template for what you are trying to accomplish.

If you are running into further issues please include any errors you are receiving along with your code snippets. As Dylan mentioned it may also be related to the session manager you are using if the code snippets above aren’t working as expected with your setup, in which case please provide more details on what you are using for a session manager and any other additional configurations you may have made.

this doesnt work, How do i know which shopify session manager am i using? I used the one that came with the remix template for webhooks.

If you are just using the webhooks remix template you shouldn’t have to worry about the session manager as that should all work out of the box. The code snippet I provided I tested with a newly created app remix, and saw the webhook logged along with the GraphQL response data as expected. Could you provide the log output you are seeing along with any errors?

First thing to check is whether your app is actually deployed or if you’re running locally with ngrok or similar. The admin object in authenticate.webhook() will only be available if Shopify can validate the session, which requires your app to have completed OAuth with that store and have an active access token stored. If you’re testing on a fresh dev store where the app was never properly installed through the OAuth flow, admin will be undefined and your GraphQL call silently fails.

Try adding a quick check before your API call:

if (!admin) {
  console.log("No admin context available - app may not be installed on this store");
  return new Response();
}

If that logs, you’ve found your issue. The webhook will still fire because Shopify delivers it regardless, but your app needs a valid offline access token to make API calls back. Make sure you’ve actually installed the app on the test store through the proper flow, not just created a webhook subscription manually.

Also worth confirming your scopes actually got applied. After changing shopify.app.toml, you need to run shopify app deploy and then reinstall the app on your dev store to pick up the new read_orders scope. The Partner Dashboard shows what scopes are currently granted under your app’s API access settings.

What does your terminal output show when a test order comes through? Even a “received webhook but nothing else” log would help narrow things down.