How does app installation work in production with OAuth2.0?

afraz-khan
Shopify Partner
3 0 0

Hi!

 

Our app is ready to be published on the app store and uses OAuth2.0 for authorization. So far, we have been using a custom installation link set up in our app for development. Its format is as https://{APP_URL}/api/auth?shop={STORE_DOMAIN}.

 

I want to know how the installation works in production.

 

I have come across the Shopify Managed Installation and we are already deploying our app scopes via the Shopify CLI/TOML file but it's not mentioned in the document if this feature will call the callback URL that we provide in the app configuration. Anyone who has used this feature, please share the process of configuring it in the app submission step.

 

Also, let me know If there are other methods available for installation in production.

Replies 3 (3)

DaviAreias
Shopify Partner
39 0 6

I've just tested setting "use_legacy_install_flow = false" to turn on this feature and noticed no difference at all at my server logs.

I've read the page 10 times and still have no idea what this does.

If is supposed to trigger the authorization prompt again in case you change the app scopes, I think it's not really useful.

 

afraz-khan
Shopify Partner
3 0 0

Only this setting is not sufficient I guess, let me tell you what I have found out about this new managed flow so far.

Let me know, if you have some findings or some other knowledge about the managed flow.

boronine
Shopify Partner
12 2 11

We are testing "Shopify managed installation" for our app, but it doesn't seem to be ready for production. We found two problems with it described here: https://community.shopify.com/c/authentication-and-access/is-quot-shopify-managed-installation-quot-...

Founder and tech lead for Simple Affiliate:
https://apps.shopify.com/simple-affiliate