`AccessDenied` on production, but not development

[danielfriis]

I'm running this query:

query = <<~QUERY
      query {
        shopifyqlQuery(query: "FROM sessions SHOW sessions, pageviews TIMESERIES day WITH TOTALS, CURRENCY 'DKK' SINCE -1m UNTIL today ORDER BY day ASC VISUALIZE sessions") {
          tableData {
            columns {
              name
              dataType
              displayName
            }
            rows
          }
          parseErrors
        }
      }
    QUERY

to get sessions and page_views

My application-wide api version is set to 2025-07, but for this query I set the Shopify session like this:

ShopifyAPI::Clients::Graphql::Admin.new(
      session: shopify_session,
      api_version: "2025-10"
    )

and run the query: shopify_client.query(query: query)

The app has the read_reports access scope.

It works in development, but in production, I get: Access denied for shopifyqlQuery field. Required access: "read_reports" access scope.

It seems that the access scope should be set:

shop.access_scopes
=> "read_products,read_reports,write_themes"

Any idea why this would work in development but not production?

[lizkenyon]

Hi there 👋

Could you provide a bit more context about your app set up?

• Is your app embedded or non embedded
• If embedded is your app using Shopify managed install and token exchange
• Are you defining your scopes in the shopify.app.toml file or in you the shopifyAPI config object?

[danielfriis]

Hey there @lizkenyon 👋

1. It's embedded
2. I'm using managed install
3. I've set scopes both in the toml file and config object actually

[danielfriis]

Maybe I'm seeing the error because I need to submit an application for "working with protected customer data" (https://shopify.dev/docs/apps/launch/protected-customer-data#protected-customer-data-api-types-and-resources). I'm not using customer data though (sessions and page views), but maybe I need to apply anyways?

[lizkenyon]

Yes, based off this documentation I would agree with your assumption, even if you aren't using customer data in this particular query.

I don't this this is related to this package. You can create a post in the developer community forum, and it would connect you with someone who knows about ShopifyQL and the read_reports scope.