Access Token and Shop Origin

11 0 1


I'm trying to build a basic app with Koa and React. I use React with Polaris and App Bridge and Koa for backend because there is shopify-auth package on npm. So, currently i'm storing my shop origin and access token in a cookie, but I've tried to test my application on another browsers and on incognito and it doesn't work, because not all browsers manages cookies in the same way, so my app fails because Shopify App Bridge can't get shop origin from a cookie, also access token is lost.

My app doesn't have a database because I don't need one, it's pretty straightforward, do you have any ideas how i should store my access token and shop origin? I want my app to work on other browsers not only on chrome..

Thank you very much!

Reply 1 (1)
41 1 15

Hi @andreiasdfg 

Our app PicAmaze uses the auth method with (as you know there is a work in progress here). It works somehow in Safary, even on the mobile app. We use the latest @koa-shopify-auth and in afterAuth method we set the shopOrigin cookie so App bridge will know where to redirect to:

const { shop, accessToken } = ctx.session;
          ctx.cookies.set('shopOrigin', shop, {
            httpOnly: false,
            secure: true,
            sameSite: 'none',

 On the backed both shop and accessToken are stored in the session so we don't need to store them in a db.

Reading this I'm wondering how AppBridge will get the shopOrigin if it is not in a cookie ...
Animated watermarks for product images and ads