Best practice for signup and maintaining user access to the app

nenadp
Visitor
2 0 0

We have an external app which we want to integrate with Shopify as a public app.
The approach, as we understood it, would be to create a Shopify app that will prompt users to initiate the Oauth flow where external app can get the access token to access their Shopify account details.

We spotted that other external apps do not take users to the signup process, but Shopify users would be on-boarded on external app based on the information retrieved from Shopify using oauth token.

What would be a best practice from Shopify's point of view to allow for such an integration:

  • does Shopify provide a facility to enhance Shopify tokens with meta-data (so potentially use this token in our system instead of our own token?)
  •  is there a documentation describing integration flow between Shopify app and external app?

Our assumption is that Shopify users do not create an account directly on external app, but the external app user is created under the hood based on oauth token received, and that for any further logins they are required to enter through the Shopify link.

Is there a documentation that would describe such oauth flow? We are aware of https://shopify.dev/apps/auth/oauth but it does not describe possible integration with an external app.

Reply 1 (1)

nenadp
Visitor
2 0 0

Additional clarification, when i say external app, I mean public, not embedded app.

Additionally to what i asked previously, we noticed that after successful app install, when clicking on the app from Shopify shop, `host` and `session` query parameters would be present in  the url, but I am unsure what is intended use in the context of public, not embedded apps.