Discuss and resolve questions on Liquid, JavaScript, themes, sales channels, and site speed enhancements.
Hello!
My problem is that I can't get Session Token in the development of non-embedded app, so there is no way to add Authorization information in Header, this problem has been bothering me for a week, I didn't find any information online about how to get Session Token in non-embedded app.(This is not in Shopify's development documentation, in fact, Shopify's development documentation only about the embedded App related content, Session Token can easily be obtained through the App Bridge, the document address: Getting started with session token authentication )
Until, I watched a video released by Shopify (video link ), is based on JWT to achieve Session Token, which at the time of 27:17, he mentioned that non-embedded App can not use JWT to authenticate, because we have no way to use and load App Bridge (only the embedded App can use App Bridge)
So, my question is, if I want to develop a non-embedded app, how do I get the Session Token?
Thanks for your help!
Hi, I have the same question, did you solve the problem?
In fact, the non-embedded app does not need Session Token, I am currently using the offline authentication method, and so far my app is running fine.
@AnthonyCoder Does you app have a backend? How does it know, that the request from your non-embedded app is coming from a user that belongs to the shop?
Did you ever get this solved? I'm banging my head against the wall trying to figure out how to call from a non-embedded app.
So the only moment you know the user belongs to the shop is when shopify redirects him/her to your app with a token. With that token you usually do the registration process and stuff (or if it is already registered, it will just forward to your app). At that point, your backend needs to create your own user session token. This token is mapped to a specific shop (we write the shop into the token) and returned to the user.
With that session token (or access token, however you want to call it), the user talks to your backend and the backend can validate the token and knows, that the users has access to that shop.
This worked well for us. Hope it helps.
Hey! I was wondering if you could share more about your solution -- I'm stuck on the same problem with authenticating users from Shopify for my non-embedded app. I understand you create your own user session token -- but when you say you return it to, where are you returning to it and storing it? As for as I know, Shopify doesn't store any session tokens you'd store, so how does the user logged in to shopify send that session token to your backend?
Hey Community! As the holiday season unfolds, we want to extend heartfelt thanks to a...
By JasonH Dec 6, 2024Dropshipping, a high-growth, $226 billion-dollar industry, remains a highly dynamic bus...
By JasonH Nov 27, 2024Hey Community! It’s time to share some appreciation and celebrate what we have accomplis...
By JasonH Nov 14, 2024