Hello!

Not sure I understand why you want to or need to pass the access token to the React app? Your node app authenticates and receives a token that as you noted you have access to through the Koa context. When your React app performs an action such as a button click which in turn does a request to your node app, that request gets checked whether the token is still valid and thus you can or cannot handle that request. Why would your React app need the token?

Maybe I am missing something here so please let me know if that's the case.

Best wishes!

Hi Karl!

Thanks for trying to help me.
What i mean is that when the user clicks the button, i want to connect to an external custom API (not to my node app), build in java, and provide them the token and the url.
How am i supposed to send them if i don't have them in my component when the user clicks the button? (Like should i make a request to my node app, get them somehow and then send them to the external api?)

The external API after that will collect all products, collections etc.

(btw it's a sales app)

@KarlOffenbergerSo Karl, could you direct me please on the right path for this?

Eh, sorry. Lost track of pending replies.

So let me get this right - or try to confirm I understood what you're trying to do.

1. You have a Shopify app that uses node.js as a backend and React as frontend
2. Your app goes through the standard app auth, receives its token and bob's your uncle
3. However, once in your app frontend, you want your app frontend to directly communicate with a 3rd party Java application / service that will perform some actions against the Shopify Admin API and therefor needs a valid token?

Point 3 is where I am not sure about whether I understood you correctly and if I did, it is cause for a little concern.

Eh... doesn't sound right to me, but then again I don't know the exact circumstances. I mean, really can't advise you here because I honestly don't know the entire scope of requirements and constraints, what that 3rd party application does, why it cannot auth itself but needs your app as a mediator etc etc.

Sorries 🤷

Might be of interest to you @theopl - Delegating access to subsystems

p.s. 👏 Shopify docs team

Hi Karl, just found your reply to this question. I also got a problem on authentication. I would like to fetch data in the file index.js. But my access_token is accessible in server.js. How can I use the accessToken in index.js as a request header?

identifyItems(orderNum, emailAdd){
        fetch(`someUrl`, {
            mode: 'no-cors',
            method: 'GET',
            headers: {
                "X-Shopify-Access-Token": ???What should I wirite here???,
                "Content-type": "application/json",
            },
        }).then(response => response.json()).then(resData=>{
            console.log(JSON.stringify(resData));
        })
        
    }

I know it's a silly question....

thanks in advance

@Ireneludi I just solved a similar problem. See the solution in my post here, it should help you.