authenticate.public.checkout Throws 401 Unauthorized Error on v3.5.0

[ayushsoni1001]

Description

When using the latest version (v3.5.0) of the SDK, calling the authenticate.public.checkout method from the Checkout UI extension consistently throws a 401 Unauthorized error. The issue is not present in version v3.4.0, where the same code works as expected.

Here’s the implementation:

const { sessionToken } = await authenticate.public.checkout(request);

Steps to Reproduce

1. Update the SDK to the latest version v3.5.0.
2. Invoke your API route using authenticate.public.checkout from the Checkout UI extension.
3. Pass the session token in the request header.

Expected Behavior

The request should authenticate successfully, and the API should proceed without errors.

Actual Behavior

The request fails with the following response:

Debug Logs

Authenticating checkout request | {shop: null}
error Response {
  status: 401,
  statusText: 'Unauthorized',
  headers: Headers { 'X-Shopify-Retry-Invalid-Session-Request': '1' },
  body: null,
  bodyUsed: false,
  ok: false,
  redirected: false,
  type: 'default',
  url: ''
}

The error consistently shows 401 Unauthorized.
The shop field in the logs appears to be null.

Workaround

Downgrading to version v3.4.0 resolves the issue. The authentication mechanism works as intended in this version.

Additional Information

Environment: Node v22
SDK Version: v3.5.0
Checkout Extension Version: 2024-10

Request

Please investigate the changes introduced in v3.5.0 that may have affected the authenticate.public.checkout method. If this behavior is intentional due to an API or SDK update, kindly update the documentation or provide guidance on required changes.

Thank you! 😊

[lizkenyon]

Hi
This should be resolved with v 3.5.1. Thanks!