Hi,
I'm getting 403 Forbidden Access Error when calling Shopify::CollectionListing
Other APIs including Shopify::Product are working but CollectionListing is not working.
the controller is like as the following code:
class HomeController < ShopifyApp::AuthenticatedController
def index
@collection_list = ShopifyAPI::CollectionListing.first
end
end
What's the cause regarding this issue?
Thanks
@bstarr322 could be that your scope isn't set properly.
You'll need to add this to your scope: read_collection_listings
https://help.shopify.com/api/getting-started/authentication/oauth/scopes
EDIT: If you still didn't release your app, just re-install it. It's much easier than doing re-auth to approve new scope.
Thanks for replying.
Even I added that scope, but when installing app, shopify only accepts read_products scope.
Here my app settings:
ShopifyApp.configure do |config|
config.application_name = "SOG API"
config.api_key = ENV["SHOPIFY_CLIENT_API_KEY"]
config.secret = ENV["SHOPIFY_CLIENT_API_SECRET"]
config.scope = "read_collection_listings, read_products"
config.embedded_app = false
config.after_authenticate_job = { job: Shopify::AfterAuthenticateJob, inline: false }
config.session_repository = Shop
end
Looks good to me. If you have access to rails console on production server, try checking the output of ShopifyApp.configuration.scope.
Or maybe just restart the server. Could be that you have the old scope being used in the app.
ShopifyApp.configuration.scope
=> "read_collection_listings, read_products"
heroku restart
they all do not work.
any other solution?
After changing the access scopes the app must be re-authenticated on your shop, meaning you go through the OAuth authorize phase again to get a new authorization from the merchant: https://help.shopify.com/api/getting-started/authentication/oauth#step-2-ask-for-permission
To know which scopes were granted for a given access token, you can look at the scope field returned by shopify in response to the POST to /admin/oauth/access_token (see the json structure described at https://help.shopify.com/api/getting-started/authentication/oauth#step-3-confirm-installation)
when app installation, it says "This app includes collection listing and reads products" and after installed on app details dialog, it says "Read products, variants and collections".
and when I open app, I still get:
ActiveResource::ForbiddenAccess (Failed. Response code = 403. Response message = Forbidden.)
The code for collection listing is:
@collection_list = ShopifyAPI::CollectionListing.first
To test which scopes the app is authorized for, you can do:
ShopifyAPI::AccessScope.all.map(&:handle)
Try adding all the scopes and see what happens. Perhaps you need some other scope so you can find out which one by the process of elimination.
Thanks @EiNSTeiN- and @vfonic for your help
I reinstalled app and it works.
Btw, ShopifyAPI::CollectionListing.find(:all) returns nil. But store has lots of collections and products(14k products).
Did I miss anything while using listing API?
ShopifyAPI::Collect.find(:all).count is 50
I've found answer: https://github.com/Shopify/shopify_api/issues/421
listing api is only for sales channel.
then is there any way to get a product ids list of a specific collection?
Using the shopify_api gem:
# Return an array of product IDs belonging to a specific collection
ShopifyAPI::Product.where(:collection_id=>1234567).map { |product| product.id }
Does that answer your question? If you have further questions or issues with using the shopify_api gem I recommend asking them on either the APIs and SDKs forums or in the project repository.
Feel free to let me know you feel there's an issue with the shopify_app gem.
Looks good to me. If you have access to
rails consoleon production server, try checking the output ofShopifyApp.configuration.scope.
Or maybe just restart the server. Could be that you have the old scope being used in the app.
helped me. thanks
Most helpful comment
After changing the access scopes the app must be re-authenticated on your shop, meaning you go through the OAuth authorize phase again to get a new authorization from the merchant: https://help.shopify.com/api/getting-started/authentication/oauth#step-2-ask-for-permission
To know which scopes were granted for a given access token, you can look at the
scopefield returned by shopify in response to the POST to/admin/oauth/access_token(see the json structure described at https://help.shopify.com/api/getting-started/authentication/oauth#step-3-confirm-installation)