I’m working with the embedded app example and I’m wondering how to include a web hook endpoint in my application. Currently, everything gets redirected to the iframe, so the embedded app routes aren’t really accessible outside the embedded environment. Is there a way to set up a route that does not redirect?
More generally, what is the best way to accept web hooks within a Shopify embedded app? I will need to process hooks for multiple stores.
To clear this up, you are interpreting things incorrectly. When you make an App, embedded or not, you are providing end points at your URL of choice. Whether you run your own DNS in your basement and direct clients to your App on a *nix box, or pay to host on Rackspace, your App has an address like: https://myapp.com/fizzbuzz
All you have to provide the Shopify API when setting up any Webhook is that end point. It has zero to do with iframes.
Thank you for your help!
My question then doesn't really have to do with webhooks or the api. I've had success using both of these. It's more about the embedded app example. Within the example, any route I provide gets redirected. If I create an endpoint for a webhook, say http://myapp.com/jsonendpoint/, when you hit that endpoint, you get redirected to /login . What I'm really asking is how do I provide a public endpoint within the embedded app example.
I'm pretty inexperienced with rails and the app architecture, so I assume I'm missing something that is pretty basic.
Why does your App need a public end point if it is there to service a secure, emdedded Shopify App? When I want to serve up a public endpoint in my App I simply point at a route I serve up that has it's own layout and no security checks. Like any normal WWW page.
Inside the App itself, when I code up an XHR call I just use a relative link since I am inside my App inside the iframe. No need to call out to a FQDN.
Thanks again for helping me with this.
Without going in to too much detail, I want my app to listen for a webhook, say order/create, and then update various database fields based on the webhook data.
Does this seem like an approiate use for a public endpoint, or am I missing something bigger.
It is a perfect use of an App endpoint, which is private between your App and your Shopify store(s). If Joe Q Public hits that endpoint, they should be prompted at the login screen, or sent to a "buzz off" page.