FROM CACHE - zh-cn_header

App submission got rejected due "Use OAuth to ask for scope permissions immediately after merchants"

2 0 0

Our app's submission got rejected many time, the changes we required to do stated as "Use OAuth to ask for scope permissions immediately after merchants add your app.".

I am not sure what is that mean, seem like my app already ask for OAuth as in the video.

Any help is appreciated.


2 条回复2
103 12 20

Shopify will always append a 'shop' parameter to each url request coming from Shopify, so you can use query string parameters and grab it. And then in terms of checking against your db, the logic I have is:

  • Check if I have an access token - if not, route to OAuth
  • If there is an access token, check it is valid by actually making a request to the 'metafields' endpoint - if it is invalid, route to OAuth
  • Then check if I have an active charge ID on file for them - again if not, create a billing URL for them

Many make the mistake of only checking if they already have an access token in the db for that shop, but the correct move is to actually make a request to ensure validity.

2 0 0

Hello, thank you for your answer, but our application is free, do we still need to charge?