Hi newbie here,
I have some question. Hope that someone could explain to me. I want create an app and sell it to x store.
+ Does shopify help store shop' s access token and their url or I have to create one to store it ?
+ If my app want to do something in the front end (for example: write a comment or a review, like a product, ... ) . How it will communicate with my app's database ?
+ Does access token is permanent ?
Thank in advance
One by one:
1. Access tokens - if you mean an environment variable that they provide somehow, then no - remember that an app, while displayed in a merchant's admin panel, is still running on your server (hence the term "embedded app"). So the "environment" is on your machine, not theirs. It's up to you to declare environment variables for your credentials (often you'd set 'SHOPIFY_API_KEY' and 'SHOPIFY_API_SECRET_KEY' in a .env file, and import it into React/whatever later).
3. That's actually a good question I've never thought about before. As far as i know (and that's just from my experience and looking in https://help.shopify.com/en/api/getting-started/authentication/private-authentication and https://help.shopify.com/en/api/getting-started/authentication/private-authentication and https://help.shopify.com/en/api/getting-started/authentication/public-authentication for private and public apps, respectively) there is no expiration time for a Shopify API Key, a Shopify API Secret Key, or a Shopify Access Token. However, it's perfectly reasonable to assume that those tokens expire on Shopify's Backend at some point, and you will be prompted to generate new ones. It just never happened to me personally. Maybe @Dirk or someone else from the Shopfiy team can come in and answer this?