Wondering if anyone can point me in the right direction. We have an app that was rejected more that once and is currently in suspension! Not ideally what we wanted, but we are getting ready to resubmit it as soon as the rejection lifts. The trouble is we have no clue if our new flow will get accepted, and its hard to put dev time and money into something that can ultimately get rejected again
So basically the app got rejected because of this
Use OAuth to ask for scope permissions immediately after merchants add your app. Check and troubleshoot your app's OAuth by reinstalling your app on your test store using this method
If we update the app to do these steps will it be fine?
A Shopify user clicks “Add App” via the Shopify App Store page
User is sent to our site to validate the HMAC
After HMAC validation we will redirect the user is redirected to Shopify to review the requested permissions and clicks “install app”
User is redirected back to our site to start the OAuth API calls like “Request an access token” & the “Returns token with requested scopes”
In our dashboard we will prominently show in-app setup instructions that highlight to the users required steps that need to be taken our site as a checklist style block.
We have shared this with Shopify support but they have no useful comments! Any support, feedback is welcome