Airtable Script fetching Shopify's data - Invalid Key

Hello all !
(It’s my first post in this forum, if i’m not following guidelines please feel free to tell me !)

I quite new in the Airtable world.
I’m currentlty trying to create a script (with the script app powered by Airtable) in order to fetch data from my (test) shopify store.

But here is my point :
→ Airtable do not allow to use the class authentication used by Shopify, which is :
GET https://{username}:{password}@{shop}

→ So i need to use Basic Auth as it’s explained in theire documentation. But it’s not working, and i get this error message : “[API] Invalid API key or access token (unrecognized login or wrong password)”.

Did someone ever face this issue and know how to solve it ?(I’m sur about my credentials, and i also delete and recreate my app in order to prevent this mistake).

I’m surely missing something but i don’t know what it is…

Here is my code :

  const apiKeyShopify = "MY_SHOPIFY_API_KEY";
  const passwordShopify = "MY_SHOPIFY_API_PASSWORD";
  const nameShopifyStore = "";
  const versionApi = '2021-01'
  const shopifyUrl = "https://"+nameShopifyStore+"/admin/api/"+versionApi+"/shop.json";
  const encodedCredentialsShopify = btoa(`${apiKeyShopify}:${passwordShopify}`)
  const httpHeader = {
      /*"Access-Control-Allow-Headers" : "Content-Type",
      "Access-Control-Allow-Methods": "GET",*/
      "Content-Type": "application/json",
      "Authorization": `Basic ${encodedCredentialsShopify}`
  const response = await remoteFetchAsync(`${shopifyUrl}`, { 
    METHOD: "GET",
    HEADER: httpHeader   
  await response.json().then(function(res) {

PS: Second chat with shopify’s support but they don’t know how to solve my issue…

Thanks a lot for your help !

Hi @Thomas_Rodier, and welcome to the community!

I would try this just for yucks.

"Authorization": "Basic " + encodedCredentialsShopify

I would also try this if the first fails to move the needle.

const encodedCredentialsShopify = btoa( apiKeyShopify + ":" + passwordShopify);

Failing any success, try this:

"content-type": "application/json",

Thanks for your answer !

Unfortunately nothing is working :confused: … !
It’s driving me crazy.

The thing that i do not understand is, i tried the same call in postman using a basic auth username and password and watching the code source with CURL i get this and get data :

curl --location --request GET '' \

--header 'Authorization: Basic MTU2ODgwMWRhNTgzZThhMDU0ZGViOWIxYWM5ZWQyY2Y6c2hwcGFfMzQzNzM4Mjc2NDQ2MWY0ZTZmNzNiYjIwYzgzNjA4OTQ=' \

--header 'Cookie: _secure_admin_session_id=18949427fdc9d09d1e2a1220b6eb3fc3; _secure_admin_session_id_csrf=18949427fdc9d09d1e2a1220b6eb3fc3; _s=c5344a9b-c509-45ac-af45-848a0dfa43b5; _shopify_fs=2021-02-16T15%3A58%3A53Z; _shopify_s=c5344a9b-c509-45ac-af45-848a0dfa43b5; _shopify_y=aa047315-8d6b-447f-8676-683b9e62cbf9; _y=aa047315-8d6b-447f-8676-683b9e62cbf9'

So it’s exactly the same that i’ve done, or maybe i’m missing i something.

Actually, it’s not an exact replication. The existence of the cookie session suggests that you were logged into your Shopify account in an adjacent tab when you conducted the postman experiment. This is speculative, but likely why it worked.

In any case, this call requires that the following security scope is enabled in your Shopify API Admin console:

This code works just ducky for me.

// define the request url
let url          = "";

// define the credentials
let apiKey       = "***";
let password     = "***”;
let authKey      = btoa(apiKey + ":" + password);

let options   = {
    "method": "GET",
    "headers": {
        "Content-Type"  : "application/json",
        "Authorization" : "Basic " + authKey,

await remoteFetchAsync(url, options)
    .then((resp) => resp.json())
    .then(function(data) {
    .catch(function(e) {

Thanks a lot Bill ! It’s working :smiley:

Actually i did some test regarding my code and yours, and it’s turned that my header declaration was not good.

Anyway, thanks a lot really appreciated your help !

This topic was solved and automatically closed 3 days after the last reply. New replies are no longer allowed.