Questions about how a script_tag script should communicate with my backend API

Highlighted
Shopify Partner
3 0 0

Hi, I am building an app which loads a script_tag into the store, rendering a button as a React component. As part of the React component, I want to send POST and GET requests to my backend API (api.myserver.com). These request should include some sort of customer identification so that I can authenticate and authorize the requests.

 

  1. What is the appropriate way to communicate with my backend API (https://my-server.com) from the script loaded in the store?
  2. As far as I can tell, an application proxy can achieve this. Is that the preferred way to communicate with my backend API? Are there other options?
  3. Can I send POST requests via an application proxy?
  4. Can I reliably authenticate customers in my backend? How would that work?
  5. How does an admin embedded app communicate with my backend API?

I'm new to the Shopify platform so I'm still trying to get my head around a few things. Thanks in advance for the help!

0 Likes
Highlighted
Shopify Staff
Shopify Staff
1041 140 167

Hey @Roreo,

 

1. An AJAX request.

2. A proxy is a nice to have - you could also just send the request directly to your endpoint.

3. Yep, all data will be forwarded.

4. You could use the customer id if they're logged in, but this could be forged. The Storefront API has a method to validate credentials, you might be able to use this.

5. The embedded app is just loading your app in an iframe, so you can send requests anywhere you like.

 

Let me know if you have any questions!

Notice; Out of office, replies will be delayed until my return. Thanks!
0 Likes