Focuses on API authentication, access scopes, and permission management.
Starting on July 7, 2023, we began observing random "Invalid signature" errors when validating app proxy signatures using the method described in the following documentation:
https://shopify.dev/docs/apps/online-store/app-proxies#calculate-a-digital-signature
In these cases, the incoming signature differed from the expected signature only by the last character. For example:
Expected: ...d318
Received: ...d319
Prior to July 7, 2023, these errors did not occur. What could be causing this?