Ad

Shopify API With Postman Chrome App

- 1 answer

I am using Shopify API through the Postman Chrome app. I have used OAuth 2.0 and have an authorization code to which I am passing in the header with API call.

Now If I am logged into my Shopify store in Chrome, and enabled a Postman plugin named "Intercepter" and no access code in the header then also I receive response else not.

I am confused now that what is the use of access token passed in the header if I can access response without it.

I am performing GET API call. Please Help.

Ad

Answer

Using an API key has the primary advantage of being more portable- while you may be able to access the API endpoints via your logged in browser session, you wouldn't want to be using browser sessions for authentication from within a real application.

Also, from experience, I can tell you that some of the API behavior from browser-session based authentication is different from the behavior when using an API key. For example, requesting the following with your browser session:

https://your-store.myshopify.com/admin/products.json?query=shirt

will return an HTML response (despite the .json) containing search results. This API is only used internally by the Shopify admin, and not available when using an API key.

Ad
source: stackoverflow.com
Ad