Tag Archive for: ecommerce

shopify invalid session token

Invalid session token - solve the annoying shopify error

If you have been working with shopify apps then you might have come across an error that says that you have an invalid session token. The reason behind this error might come from a race condition. The client tries to get some information from the server before it received a valid session token. Usually the client should have a session token, when making requests but you cannot be a 100% sure all of the time, thus the error is presented.

If you are making requests with axios then your request might look something like this:

// WRONG AND WIll LEAD TO ERROR DUE TO RACE CONDITIONS!!
axios
.get("https://test-application.test/api/endpoint")
.then(
    (response: {
        data: {
            content: string;
        };
    }) => {
            console.log("data:", data);
        );
    }
)
.catch((error) => {
    console.log("ERROR:", error);
});

In order to make sure that there won't be a race condition you can intercept your client's call and add some properties to the headers. All of this can be done very easily with axios. We want to make sure that the session token is always sent to the server, and in order to create a session token you will have to install an npm package from shopify.

You will need some methods from the shopify app-bridge-utils so make sure to install the npm package @shopify/app-bridge-utils:

npm i @shopify/app-bridge-utils
const instance = axios.create();
// Intercept all requests on this axios instance

instance.interceptors.request.use(function (config) {
return getSessionToken(app).then((token) => {
    config.headers["Authorization"] = `Bearer ${token}`;
        return config;
    });
});

instance
.get('https://test-application.test/api/endpoint')
.then(
    (response: {
        data: {
            themeName: string;
            appBlocksEnabled: string;
        };
    }) => {
        console.log("data:", data);
        setThemeName({ name: response.data.themeName });
        setContentLoaded(true);
        setSupportsAppBlocks(
            response.data.appBlocksEnabled === "partly" ||
                "completely"
                ? true
                : false
        );
    }
)
.catch((error) => {
    console.log("ERROR:", error);
});

And now your invalid session token error shouldn't appear anymore.

You can also watch my video right here:

Making REST API calls to shopify store

Sometimes you may want to make REST API Calls to your Shopify Store. For example you may want to check the installed theme of your store and check if it supports app blocks.

The easiest way to do this is by going to your store and make the REST call right in your browser. Let’s take the theme example. If you navigate to

{your-store}.myshopify.com/admin/themes

You will be presented an overview of all your themes on your User interface. However if you add .json to that URL you will get the according JSON response:

{your-store}.myshopify.com/admin/themes.json

This request works because you are authenticated with your store. But how do you request this data if you are not authenticated? For example if you want to send a request with Postman?

The answer is: you will have to create a private app, get the credentials from that app and then you can make authenticated requests. And this is how it’s done:

  1. Go to your stores admin dashboard.
  2. go to Apps
  3. Scroll all the way to the bottom. There you should see the possibility to “Manage private apps“
  4. You can now click create a new private app. Make sure to create an app with all the access scopes that you need.
  5. After creating the new private app you can go back to the overview page of your private app. On there you will see your newly created private app.
  6. In order to get the apps API key and Password, click on the app’s name. You will be redirected to the app’s detail page
  7. You can now prepare the URL for your request. The request URL will have to look as follows
https://{PrivateAppApiKey}:{PrivateAppPassword}@{shop-url}.myshopify.com/admin/themes.json

That’s it! Now you can make authenticated API calls to your store via Postman!

If you don't feel like reading, check out my video:

https://youtu.be/9a7A2pTtTDc