I’m trying to create a metafield on a page from a private app using the REST API, but getting back an unexpected HTML response that appears to be an attempt to redirect to an OAuth authentication page.
I’m doing a POST to /api/2021-10/pages/{id}/metafields.json where {id} is the id of the page I’m trying to add the metafield to. I’m using HTTP basic authentication.
If it helps, I can GET the metafields for a page just fine (it correctly returns a json content type with an empty array). Attempting to create a metafield fails as described above though.
Where does this call come from? I really hope that it’s not the storefront via some JS - that would be really bad.
I would assume your request has cookies in it so those are blocked.
Did you test the same call in a different stack (such as desktop postman - making sure cookies are not sent there too!)
Jesse from the Metafields team here. The only way I am able to reproduce your issue is if I leave off the trailing “.json” - could you double check that you are attempting to POST to “/2021-10/pages/PAGE_ID/metafields**.json**”? Also double check that your app has Read and Write access to Store content.
How are you managing cookies? Making a post request (doesn’t happen with get) and receiving a response with a login url/window is a common outcome for users who attempt to make a request with basic http auth and include cookies, if that’s something you haven’t checked yet