I'm having problems with authenticating API Requests to my App Backend. On the backend side I'm using the verifyRequest() Method from the @shopify/koa-shopify-auth package as recommended here: https://shopify.dev/apps/auth/session-tokens/how-session-tokens-work#anatomy-of-a-session-token
The problem I'm facing now is how to authenticate when making requests from my checkout post-purchase extension.
I thought I could use the token, that is sent from Shopify with the inputData object (Reference here). There is a token field that specifies a jwt session token - according to Shopify.
But when I append this token to the request I'm sending to my backend server, the server always responds with code 500 and the message "Session token had invalid API key".
Does somebody have an idea how to solve this problem? I am grateful for any kind of tips or solutions!
Thanks in advance!