We offer the ability for a user to connect shopify to our service, we also offer the ability to disconnect. Some oauth Providers allow us to revoke access via the api. so that the user can do it in one place.
Is there a webhook enabled for when someone revokes access to our app, or is there an endpoint so that we can post that a users oauth access to our app should be terminated?
Hello, we have plans to provide this end point for developers. Unfortunately I do not have an ETA of its release. We will do our best to update the relevant forum posts, and as always, post an API Announcement.
Why can you not just function with your persistence layer in the App? If someone chooses to uninstall your App, you get a notification, so you can erase their oAuth token from your App and hence they cannot use it anymore with that token. And if you want to "erase" their token without them having uninstalled your App, simply erase the token from your DB, and they will be forced to re-install and get a new token.
Seems to cover your use case does it not? What would invalidating their token using an API call be superior to simply erasing the copy you have? I am simply curious.. no worries...
We want the tokens to be erased on Shopify's end so when a user logs into their Shopify dash, they do not see our application as being connected anymore. Just deleting their tokens on our end and they still see our app as being connected to their Shopify account, which we do not want.