Hi everyone,
I’m building an app that helps merchants collect COD (Cash on Delivery) orders. The app allows customers to fill in a form (name, phone, address, product, etc.), and then it uses the Shopify Admin API to create the order with a pending status. No online payment is involved, and we do not collect any payment information.
However, my app submission was rejected with the following message:
Shopify can't guarantee the safety or security of an order that has been placed through an offsite or third party checkout. Apps that bypass checkout or payment processing, or register any transactions through the Shopify API in connection with such activity, are prohibited.
Your app enables merchants to create a form that acts as the checkout page to collect customer data; see this screencast for reference.
I understand that bypassing Shopify’s checkout is not allowed, but in the case of COD, there's no payment to process. I’d like to ask:
What is the correct and compliant way to create COD orders via an app?
Is using draft orders and letting merchants finalize them manually the right approach?
Are there any official guidelines for apps handling offline payments like COD?
Thanks in advance for your help!
