FROM CACHE - en_header

App Rejection - OAuth to ask for scope permissions immediately after someone adds your app

New Member
1 0 0

Hello Everyone,


Wondering if anyone can point me in the right direction.  We have an app that was rejected more that once and is currently in suspension!  Not ideally what we wanted, but we are getting ready to resubmit it as soon as the rejection lifts.  The trouble is we have no clue if our new flow will get accepted, and its hard to put dev time and money into something that can ultimately get rejected again 😒


So basically the app got rejected because of this


Required changes
Use OAuth to ask for scope permissions immediately after merchants add your app.  Check and troubleshoot your app's OAuth by reinstalling your app on your test store using this method



If we update the app to do these steps will it be fine?


  • A Shopify user clicks “Add App” via the Shopify App Store page
  • User is sent to our site to validate the HMAC
  • After HMAC validation we will redirect the user is redirected to Shopify to review the requested permissions and clicks “install app”
  • User is redirected back to our site to start the OAuth API calls like “Request an access token” & the “Returns token with requested scopes”
  • In our dashboard we will prominently show in-app setup instructions that highlight to the users required steps that need to be taken our site as a checklist style block.
    • Complete Questionnaire
    • Submission
    • Review
    • Approval


We have shared this with Shopify support but they have no useful comments!  Any support, feedback is welcome

Replies 0 (0)