Re: App Development Oauth process questions

App Development Oauth process questions

Shopify Partner
11 0 2

Im creating an embedded app and I'm a little confused around the Oauth process. 

I've managed to successfully Authorize my application but after that I'm a little confused.  I have two questions.


1. When I install my app.  I call shopify's auth URL and send it my callback URL. Shopify loads this url in the top of the window (not within the shop admin iframe). When I'm done verifying the callback and have stored my access token, I then wish to return to the admin screen, however I can't seem to find a way to redirect back to the shopify admin and display my app screen. Is there some way to do this with the AppBridge Redirect or something else?


2. Once I have installed my app, I am not sure if I need to keep reauthenticating it?  I am assuming that the Oauth process  only needs to be performed at installation time, and from then on I use the hmac value that's passed in the iframe to validate the initial loading of the app inside the iframe of the admin screen whenever an admin user clicks to administrate the app.  Is this correct? Do I only need to perform Oauth at the time of installation?


Thanks in advance. 

Replies 2 (2)

Shopify Staff
402 66 101

Hey @CarBar 

With Question 1) - Did you have an x-request_id? We can take a look at the request in the logs.

With 2) Yes Oauth would be performed at the time of installation, except when there has been a change in the access scopes to the app - the merchant would have to click 'update app' and by doing re-request any new scopes. 

| Shopify |
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
Shopify Partner
11 0 2

Hi @Luke_K 


Thanks for that.  Can you explain more what the x-request-id is and where I should be seeing this?  Is this in the request from shopify calling my callback url? 

Do you have an example or some documentation you can point me to?  And how do I use this?  is this something I use the app bridge redirect for?

Just to clarify on this.  I want to be able to redirect back to the shopify app screen for my app after authorizing the callback.