Open bensontrent opened 3 weeks ago
Here's some additional context on how we use this permission and how it impacts our users. Thankfully, not all of our customers use Shipping Rates, but those customers who do use this feature, users assume that their settings are saved, and then an incorrectly formed shipment is created by default.
This is our SettingsView under our "Carrier defaults" tab:
While we did consider storing these values in our own database, we like the visibility and flexibility provided by storing them in the Shipping Rate metadata. Consider a use case where a shipping rate is created on the fly at a checkout session creation event. The end user could pre-populate the shipment with the appropriate carrier, service, and packaging to eliminate mistakes when creating a shipping label.
An update: After we publish a new version of our app, we communicate new features and bugs to our users. Here's how we are communicating this bug to our users:
(link in image: https://docs.parcelcraft.com/api-guide#stripe-shipping-rate-metadata )
We have an app that has
shipping_rate_write
permissions to allow us to update shipping rate metadata.However, this permission does not work for connected accounts. For example, apps published to the public that require this permission will have features that do not work.
When attempting to update metadata on a shipping rate, we get this error:
It was confusing for us to workshop this bug since this error would never appear in the local preview app. I finally saw the bug when a customer sent a support request with a video detailing this issue, and I previewed our app using the external test link under a connected account.
I have confirmed through Postman that our app has read access to a connected account's Shipping Rate.
But it appears the write access is not available.
At first, I believed this issue appeared within the last month or so. But I realized I was mistaken: I had been using a secondary local account for real-world testing with a trusted company. To my discredit, I tested our app exclusively in the local environment with this company for six months before publishing the app to the public. This bug would have gone undetected.
This leads me to believe the write endpoint for Shipping Rates on connected accounts has never worked.