Happening now! Exclusive AMA: Streamlining Fulfillment and Delivery with Shopify Experts | Ask your questions to be answered by our team!

Can a public Shopify app collect user API keys (to access a different website)?

Can a public Shopify app collect user API keys (to access a different website)?

AntonD
Excursionist
33 0 6

I have a pretty useful Shopify App idea where, for it to work as envisioned, the user would need to provide the API Key that would give the app access to their print-on-demand store (e.g., Printify, Gooten, etc). The app would then be able to perform certain functions both on their print-on-demand store AND on their Shopify store.

 

My question is this: Is this allowed under the Shopify App developer policies? I've already spent hours reading through their extensive documentation and lists of rules/restrictions, and given that so many things are not allowed, I would hate to spend tons of time/development effort creating an app that just gets rejected because they don't like the idea of collecting + using user API keys in this way from a separate website.

 

Does anyone have experience developing public-facing Shopify Apps that do, indeed, work in this way, and who can confirm that this is allowed?

 

Thanks!

Reply 1 (1)

Liam
Community Manager
3108 340 871

Hi Anton - is the issue you're expecting that merchants would have to manually get and enter an API key? It's possible the Shopify App Store review team may see this as a less than ideal experience as merchants often will lack technical skills to manage API keys (which may need to be updated/ rotated). Ideally handling API credentials should be managed by your app rather than manually by the merchant. 

Liam | Developer Advocate @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog