Storing and retrieving a custom API Key to make secure calls to our API

developer_2020
Shopify Partner
60 0 7

Hi,

 

We have a sales channel that we maintain and we would like to make secure calls to our API by issuing a merchant an API key (from us) which they can enter into an input within the sales channel app and store it securely so we can then use it to send calls to our API and ensure it is from the merchant associated with that key.

 

We already have the access token that Shopify send to us but this key will be something we provide to the merchant.

 

How can we securely store this key within Shopify and ensure it is not exposed in anyway?

Replies 3 (3)

Don
Shopify Staff
2767 199 388

Hi there @developer_2020!

 

I just wanted to let you know I have moved your post here to our dedicated API forums.

 

As we're unable to provide developer-level support ourselves, these threads have been provided in order to ask any API-related queries.

 

Our developers and Partners monitor and respond to these threads, so they're really the best place to post for API questions like this.

 

If you haven't already, you can check out our API developer docs here on authentication and authorisation.

Don | Social Care @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit the Shopify Help Center or the Shopify Blog

developer_2020
Shopify Partner
60 0 7

Ok thanks Don

developer_2020
Shopify Partner
60 0 7

Is there a way to do this by storing a value in a config server side using Bridge or something along those lines?