I still have not found clear direction on how to do the following...
- For a Public app
- Add a new page to an online store built dynamically by our server-side app according to merchant preferences stored in our database.
- This is a shopper-facing page... not a merchant-facing page.
- This page would provide the UI for parts searches in our database (not Shopify products).
- No Shopify merchant data is involved in building the page - i.e. no Shopify Admin API calls required.
- Need to verify that the request comes from Shopify and identify the store without going through oAuth again (token stored during app install).
- Q: Is a session token the only way to do this?
- Q: Is it required that this page be rendered in an iframe?
- loads App Bridge
- gets the session token
- redirects to the URL that verifies the token and renders the desired page.
Before I get into detailed questions about each step, am I at least on the right track with this or is there a better strategy?
Many thanks for any advice.