App reviews, troubleshooting, and recommendations
We're moving the community! Starting July 7, the current community will be read-only for approx. 2 weeks. You can browse content, but posting will be temporarily unavailable. Learn more
I am new to Shopify and planning to make a Shopify App that will be powered by external API that I own,
What is the best practice for using external APIs when it comes to authorization / authentication?
Should I go with Oauth2, JWT or something else?
If I'll go with Oauth2, how accustomed are Shopify shop owners with Oauth verification routine?
Thanks in advance!
Alex
Solved! Go to the solution
This is an accepted solution.
Hi @Aliaksandr
This is Kate from PageFly - Landing page builder, I’d like to suggest this idea:
The best practice for using external APIs in Shopify is to use OAuth 2.0 for authorization and authentication. OAuth 2.0 is an industry-standard protocol for authorization and is widely supported by Shopify. It allows for secure, user-authorized access to third-party APIs.
JWT (JSON Web Tokens) can also be used for authentication and authorization, but it is not as widely supported by Shopify.
Shopify shop owners may not be familiar with the OAuth 2.0 verification routine, so it's important to provide clear instructions and make the process as seamless as possible for them. Shopify also provides documentation and support for developers to help them implement OAuth 2.0 in their apps.
Please let me know if it works by giving it a Like or marking it as a solution!
➜ Unlock the secrets to a record-breaking BFCM with PageFly and Canva
➜ Optimize your Shopify store with PageFly Page Builder (Free plan available)
➜ Weekly updated Shopify tutorials on YouTube
All features are available from the Free plan. Live Chat Support is available 24/7.
This is an accepted solution.
Hi @Aliaksandr
This is Kate from PageFly - Landing page builder, I’d like to suggest this idea:
The best practice for using external APIs in Shopify is to use OAuth 2.0 for authorization and authentication. OAuth 2.0 is an industry-standard protocol for authorization and is widely supported by Shopify. It allows for secure, user-authorized access to third-party APIs.
JWT (JSON Web Tokens) can also be used for authentication and authorization, but it is not as widely supported by Shopify.
Shopify shop owners may not be familiar with the OAuth 2.0 verification routine, so it's important to provide clear instructions and make the process as seamless as possible for them. Shopify also provides documentation and support for developers to help them implement OAuth 2.0 in their apps.
Please let me know if it works by giving it a Like or marking it as a solution!
➜ Unlock the secrets to a record-breaking BFCM with PageFly and Canva
➜ Optimize your Shopify store with PageFly Page Builder (Free plan available)
➜ Weekly updated Shopify tutorials on YouTube
All features are available from the Free plan. Live Chat Support is available 24/7.
Thanks Kate, this is exactly what I was looking for, have a great day!
Hi @Aliaksandr
Where you able to achieve this?
I'm kind of stuck, I have my API which contains a /auth method which will handle the shopify OAUTH. But the frontend is a react app served elsewhere. I'm unable to make the app redirect to the frontend after successful Shopify Auth.