Main issue: configuring and testing Shopify GDPR webhooks (shop/redact, customers/redact, customers/data_request) for an app built from the default scaffold (gdrp.js).
Key guidance shared:
In Partner Dashboard > App Setup, add public HTTPS endpoints for each GDPR topic (e.g., /webhooks/shop/redact, /webhooks/customers/redact). These URLs must accept incoming POSTs and process payloads.
Use the CLI to test: npm run shopify webhook trigger (e.g., shop/redact). Confirm your server receives and handles the payload.
Follow-up questions and clarifications:
How to “generate” endpoints: you must host them yourself (the URL you control, such as your dev server/tunnel) and point Shopify to them. What to enter as Address: the exact public URL of your webhook handler.
The scaffold’s gdrp.js is intended to wire up handlers for those routes; usage details weren’t clarified.
Latest update:
A participant notes the trigger returns placeholder payload data (e.g., {shop}.myshopify.com) during tests and shows a CLI example with --address, --api-version, --client-secret, --topic, --delivery-method.
Status: guidance provided, but specifics on using the scaffold code and endpoint hosting remain open.
Summarized with AI on December 31.
AI used: gpt-5.
i am trying to build an app and the scaffold provided by Shopify, it has gdrp.js and we have to update GDRP webhook endpoints in App Setup in partner dashboard.
Can any one please let me know the procedure?
I executed npm run shopify webhook trigger, with cloudfare URL for example https:example.cloudfare.com:3000/shop redact & same for other 2 webhooks and got below response.
To set up GDPR webhooks for your Shopify app, you’ll need to follow these steps:
Update GDPR Webhook Endpoints: In your app’s partner dashboard, go to the App Setup section. Look for the GDPR Webhooks section and provide the webhook endpoints for the following events:
shop/redact: This webhook is triggered when a merchant requests to delete their shop data.
customers/redact: This webhook is triggered when a merchant requests to delete customer data.
customers/data_request: This webhook is triggered when a merchant requests to access customer data.
Test GDPR Webhooks: To test the GDPR webhooks, you can use the npm run shopify webhook trigger command followed by the appropriate webhook topic. For example, to trigger the shop/redact webhook, run:
npm run shopify webhook trigger shop/redact
This will enqueue the webhook for delivery. Check your webhook endpoint to ensure that it receives and processes the webhook payload correctly.
Update GDPR Endpoints in App Setup: Once your webhook endpoints are set up and tested, go back to the GDPR Webhooks section in App Setup in your partner dashboard. Enter the corresponding endpoints you’ve configured to handle GDPR webhooks.
Make sure to include the full URL, including the protocol (e.g., https://) and the correct path to your webhook handling code.
Save the changes in the partner dashboard.
By following these steps, you can update and test the GDPR webhook endpoints for your Shopify app. This will ensure that your app receives the necessary webhooks when GDPR-related events occur and can handle them accordingly.
If I managed to help you then, don’t forget to Like it and Mark it as Solution!
Success! Webhook has been enqueued for delivery.