If the call can not be made with AJAX it means you'll need to do all the validation steps via the API.

What does a validated customer actually mean for you? If I'm not validated what happens, or what can't I do? That's important to know.

To throw an idea out there, perhaps you want to consider a flow where :

• the customer first creates a Shopify account
• they are (somehow) directed to your site to ask extra questions
• you match up the data from what they entered (perhaps a simple hash comparison with some salting method) against what you have
• from there add a tag/metafield/something that then marks them as validated.

If customer accounts are option or mandatory you will not be able to stop a customer from creating an account so the above may be closer to what you need.

Hi,

Thank you for your reply. It's pretty simple. A user should not be able to buy from my shopify store unless they have passed some profile checks on my website. So basically, I need a way to make an API call to my servers before allowing the purchase on shopify. Do you think it's possible without exposing my APIs (which can happen if I use AJAX). I want to make a secure call to my servers (something like a backend call). Do you think App Proxies can do that for me?

My question is simple: Can I make an API call to my servers using Shopify (apart from AJAX)? (I need something that works in the background. Security of my APIs is of primary importance)

Please share if you have any other suggestions.