When the merchant selects a link from More Actions, Shopify redirects to the App, meaning we need to authenticate the incoming call. It used to be simple, session cookies. Now it is JWT tokens. Thing is, Shopify does not include these session tokens when they make their calls to the App. So these calls from Shopify are handled how?
Just curious. Seems we are currently stuck having to support both which is awkward at best. Anyone have any insight or comment on how they are handling this? Messy?
Custom Shopify Apps built just for you!