In the process of getting our custom app approved but we’ve been met twice with rejection due to the requirement that states “Must authenticate immediately after install”.
We had followed the authorization code grant instructions, where we redirect to the url following the instructed template:
https://{shop}.myshopify.com/admin/oauth/authorize?client_id={client_id}&scope={scopes}&redirect_uri={redirect_uri}&state={nonce}&grant_options[]={access_mode}
However, the tester had sent a screen recording of them landing on the grant screen whilst previously logged in and was therefore not met with a login page.
Could I get some insight into how we should alter our flow so that we can meet this requirement? If the grant screen is not where we’re meant to redirect the user to, which url should we be directing to?