Shopify API Access Has Been Disabled

- 1 answer

I try to create a Shopify application with koa. I use the koa-shopify-auth official package and the two methods shopifyAuth and verifyRequest to get a token with right scopes from the shop.

After getting fresh and validated token with right scope, I make a request on which is a simple endpoint to get information about the shop using app.

Sometime I get the right answer from the API, but sometime I get an error:

    "errors": "[API] API Access has been disabled"

The token is good because some shop works well, the token is not invalid for this shop because this is not the same error (Invalid API key etc.)

Do you know this error message and why I get it ?



I didn't find a solution to this problem but I found an alternative to move around, the app must be uninstall and reinstall, really painful to say that to clients but it seems to work.

This issue is maybe related with API access mode (online/offline) and the Shopify security might be confused about this.

An API request made using an online mode access token is guaranteed to respect the user's individual permissions. Shopify returns a 403 Forbidden status code when the access token is valid but the user does not have access. Application developers should make sure to handle such a response gracefully.

From API access mode (Shopify doc)