Reputation: 155
Shopify OAuth authentication does not return permanent access token
I am developing a shopify app with rails and I am following both these links for the OAuth2 authentication: http://api.shopify.com/authentication.html & https://github.com/Shopify/shopify_api.
I have become stuck at the step where I ask for the permanent access token. I have POSTed the client_id, client_secret & code parameters to https://SHOP_NAME.myshopify.com/admin/oauth/access_token as specified in the authentication documentation however I do not receive the access token. The response I get is Status 200 with an empty body and header.
Code:
http = Net::HTTP.new("https://#{params[:shop].to_s.strip}")
request = Net::HTTP::Post.new("/admin/oauth/access_token")
request.set_form_data({
"client_id" => ShopifyApp.configuration.api_key,
"client_secret" => ShopifyApp.configuration.secret,
"code" => params[:code].to_s.strip
})
response = http.request(request)
Response:
@body=[],
@header={},
@status=200,
What is confusing me even more is (I could be wrong here, but) the shopify_app doesn't seem to do this step. I also found this similar question: Unable to receive a permanent access token for my Shopify App but It hasn't been answered yet.
Edit: removed .myshopify.com from http = Net::HTTP.new("https://#{params[:shop].to_s.strip}") as it was a typo.
Edit 2:
I have tried posting from an HTML form which gave me results, however I was not able to get this to work inside my code using either the example above or with the rest-client gem.
Still very confused as to whats happening here.
Upvotes: 4
Views: 4430
Answers (2)
Reputation: 161
Shopify does return the Permanent Access Token, but the ACCESS_MODE must be "Offline" for the token to be permanent.
With ACCESS_MODE offline, your app receives the permanent access token to make requests whenever you want, without the user's permission.
Documentation:
https://shopify.dev/tutorials/authenticate-with-oauth#step-2-ask-for-permission https://shopify.dev/concepts/about-apis/authentication#api-access-modes
Upvotes: 0
Reputation: 38568
Please see the provided answer on the question you linked to.
If that isn't the same issue for you then can you post the raw request and response data that is being sent/received? The api key you are using would help as well.
I would suggest trying it with curl on the command line, if that doesn't work you can post each curl string for each step along the way.
shopify_app depends on omniauth and omniauth-shopify-oauth2 which handles the oauth authentication.
Upvotes: 1
Related Questions
- Can not get Shopify online access token
- Shopify oauth returns false while trying to fetch the access token using curl in PHP
- Unable to get permanent API access token for public app in shopify
- How to get the permanent token for Shopify (Rails)?
- Shopify: Problems Getting OAuth Access Token
- OAuth Post Request Failing
- Can not get the proper reply Shopify API Authentication
- Rails omniauth-shopify-oauth2: "[API] Invalid API key or access token (unrecognized login or wrong password)" from console
- Unable to receive a permanent access token for my Shopify App
- Shopify OAuth Authentication with redirect_uri returns invalid_request