Im creating an embedded app and I'm a little confused around the Oauth process.
I've managed to successfully Authorize my application but after that I'm a little confused. I have two questions.
1. When I install my app. I call shopify's auth URL and send it my callback URL. Shopify loads this url in the top of the window (not within the shop admin iframe). When I'm done verifying the callback and have stored my access token, I then wish to return to the admin screen, however I can't seem to find a way to redirect back to the shopify admin and display my app screen. Is there some way to do this with the AppBridge Redirect or something else?
2. Once I have installed my app, I am not sure if I need to keep reauthenticating it? I am assuming that the Oauth process only needs to be performed at installation time, and from then on I use the hmac value that's passed in the iframe to validate the initial loading of the app inside the iframe of the admin screen whenever an admin user clicks to administrate the app. Is this correct? Do I only need to perform Oauth at the time of installation?
With Question 1) - Did you have an x-request_id? We can take a look at the request in the logs.
With 2) Yes Oauth would be performed at the time of installation, except when there has been a change in the access scopes to the app - the merchant would have to click 'update app' and by doing re-request any new scopes.
| Shopify | - Was my reply helpful? Click Like to let me know! - Was your question answered? Mark it as an Accepted Solution!