FROM CACHE - en_header

Online & offline session tokens

Solved
Anonymous
Not applicable
‎06-12-2021 06:49 AM

Is it possible throughout the app installation process to request both online and offline session tokens?

I will need an offline token to perform API requests in background tasks and an online token for the logged in user, to perform requests from the front end. 

Also, are online tokens restricted to Shopify Plus or can they be requested in by any app regardless of the Shop account type? 

3,906 Views
Report
Accepted Solution (1)
Luke_K
Shopify Staff
Shopify Staff
402 65 92
‎06-13-2021 07:01 PM

This is an accepted solution.

Hey @Anonymous 

Yes - Offline and Online Tokens can be used simultaneously by using different access tokens.  They are requested during the OAuth process.

There's a run through here of offline and online access here too if it helps. 

There's no restrictions of online access tokens to Plus Stores. Please let me know if you have any further questions - thanks!

| Shopify |
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!

View solution in original post

3,821 Views
Report
Replies 5 (5)
Luke_K
Shopify Staff
Shopify Staff
402 65 92
‎06-13-2021 07:01 PM

This is an accepted solution.

Hey @Anonymous 

Yes - Offline and Online Tokens can be used simultaneously by using different access tokens.  They are requested during the OAuth process.

There's a run through here of offline and online access here too if it helps. 

There's no restrictions of online access tokens to Plus Stores. Please let me know if you have any further questions - thanks!

| Shopify |
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
3,822 Views
Report
In response to Luke_K
Anonymous
Not applicable
‎06-14-2021 02:20 AM

Thanks for getting back to me.

 

What is the flow for creating both token types? Should I request an offline token when the app is installed, and then pass the user through oauth a second time to get the online token? As the online token has a limited lifespan, the user will then need to pass though oauth intermittently to refresh the token. Is this correct or is there a best practice for handling this?

3,804 Views
0 Likes
Report
In response to Anonymous
dygerati
Tourist
6 0 1
‎06-24-2021 03:11 PM

I'm also wondering the same here. Just using the provided koa app, and I'd like to fetch both online and offline tokens. 

Any clues as to the flow here?

3,766 Views
0 Likes
Report
In response to dygerati
Anonymous
Not applicable
‎06-25-2021 03:21 AM

Hi @dygerati 

The recommended flow is to request a (permanent) offline token when the app is installed and store that in your app's backend. Then after installation, pass the user through oauth again to request an online (session) token. There shouldn't be any need for any interaction from the user for the second pass as long as you keep the scopes the same.  

3,754 Views
Report
In response to Anonymous
amt_dev
Shopify Partner
5 0 0
‎03-14-2023 03:01 AM

@dygerati  How can this be achieved ? I am using@Shopify/shopify-api  to create my app and KOA is deprecated

489 Views
0 Likes
Report

Community Blog Articles

24-09-19241-65844.png
Introduction to Shopify Sales Channels

Photo by Marco Verch Sales channels on Shopify are various platforms where you can sell...

By Ollie May 25, 2023
default image
Shopify - Web Pixels Manager Sandbox FAQ

Summary of EventsBeginning in January of 2023, some merchants reported seeing a large amo...

By Trevor May 15, 2023
two-factor-authentication-security.jpg
Securing your Account with Two-Factor Authentication

With 2-Factor Authentication being required to use Shopify Payments, we’re here to help yo...

By Imogen Apr 26, 2023
Terms of Service Privacy Policy