FROM CACHE - en_header
Promotion image

Autenticate API call

Autenticate API call

Elia_
Shopify Partner
6 0 0
‎04-10-2025 05:47 AM

Hi, if I make an API call from the frontend of my site (e.g., from a theme app extension) to my Remix backend, how can I securely authenticate the API call?
The goal is to prevent this API from being replicated, for example using Postman, so that no one else can access the results.

 

 

I have already implemented the Shopify proxy and JWT.
However, if someone inspects the page source and finds the script that makes the API call to obtain the JWT — for example: GET "/apps/PROXY_URL/api/get-token" — they can easily replicate it in Postman with the correct headers and obtain the JWT.
Labels:
498 Views
0 Likes
Report
Replies 0 (0)

Community Blog Articles

VS-skills-2025-opt3.png
How to drive more onsite engagement with promotions, loyalty, and recommend...

Discover how to increase customer engagement on your store with articles from Shopify A...

By Jacqui Apr 23, 2025
JasonH_0-1743081651612.jpeg
Members of March '25

Hey Community 👋 Did you know that March 15th is National Everything You Think Is W...

By JasonH Apr 1, 2025
427225466-7b141305-de27-48eb-8d38-643ba2ed8c3f.jpg
The power of automation: New Shopify Flow fundamentals learning path

Discover how to increase the efficiency of commerce operations with Shopify Academy's l...

By Jacqui Mar 26, 2025
Terms of Service Privacy Policy