I am writing on the Shopify admin API. I am trying to store a new product through Spring boot REST template. It shows an error. I read an article. that said, “I want to change read and write access in the private app”. I changed it to read and write mode. But The read mode is working fine. When I try to add a new product. I am getting the error.
Request:
Method : POST
{
"product": {
"title": "Burton Custom Freestyle 151",
"body_html": "<strong>Good snowboard!</strong>",
"vendor": "Burton",
"product_type": "Snowboard",
"published": false
}
}
Response:
<html>
<body>
<noscript>
<a href="https://app.shopify.com/services/login/identity?destination_uuid=9b4d5083-3355-4828-93dd-f077e9531664&return_to=https%3A%2F%2Fapp.shopify.com%2Fservices%2Flogin%2Fidentity_callback%3Fshop_name%3DFestivya%26state%3DRFvJCqXh64NCu1FGcxpD8vzVFSJrDVuDkTuz9exEjDjFgjbjXD5X8KFDXQu4LKOjOahYF0Bid_Dy2ejkD8yUu4mIHpKUT2aT0fpiAIhROlhT9NxAU3QkzBMeb715ANSGOon1duh3pqkRlZD0URqr3B8YUzcTC1lA8BpN5Thjg--LIpOKpJHbtE6FlbBQ-yHZ8dq3RDJilr9pCo42I3owe-wOj3Z7gvQ-IOZ_h_xNtKY%253D&ui_locales=en&upgradeable=true&ux=shop">Continue</a>
</noscript>
<script type="text/javascript">
window.location = "https://app.shopify.com/services/login/identity?destination_uuid=9b4d5083-3355-4828-93dd-f077e9531664u0026return_to=https%3A%2F%2Fapp.shopify.com%2Fservices%2Flogin%2Fidentity_callback%3Fshop_name%3DFestivya%26state%3DRFvJCqXh64NCu1FGcxpD8vzVFSJrDVuDkTuz9exEjDjFgjbjXD5X8KFDXQu4LKOjOahYF0Bid_Dy2ejkD8yUu4mIHpKUT2aT0fpiAIhROlhT9NxAU3QkzBMeb715ANSGOon1duh3pqkRlZD0URqr3B8YUzcTC1lA8BpN5Thjg--LIpOKpJHbtE6FlbBQ-yHZ8dq3RDJilr9pCo42I3owe-wOj3Z7gvQ-IOZ_h_xNtKY%253Du0026ui_locales=enu0026upgradeable=trueu0026ux=shop";
</script>
</body>
</html>
2
Answers
This is not a API permission issue. In that case you will get a related error message. This issue is because of sending cookies with POST request. As per Shopify documentation:
Just disable the cookies. For that I think yor are looking for Session Creation Policy.
For more information have a look at this detailed answer.
In your Web Security Configuration file, which is inherited from
WebSecurityConfigurerAdapter
, like:in the method
protected void configure(HttpSecurity http) throws Exception
define session management toSTATELESS
like this: