Dear forum members,
We’re selling on different platforms and Shopify is one of them. We have our own software to manage the orders, inventory, etc. Since we have one shopify store, I have created an application specific to our store a couple of months ago and I was able to connect through Shopify API, manage the orders and the inventory. This is working well for us so far.
We started working on a separate project to serve the sellers like us. We have good rates for different shipping companies and we want to create a platform to sell shipping labels. In this platform, we should be able to fetch our customers’ orders from different platforms. We’d like to start with the most popular platforms and Shopify is one of them. Basically, what we want is that the customer will somehow give permission to us to access their Shopify store and then we’ll be able to fetch their orders and fulfil them when they print a label. After making a successful first call, I know how to progress with the API, but I’m stuck at starting with a good foundation.
In the last few days, I’ve asked to ChatGPT and also checked the Shopify documents and these are things that I was able to find. I’ll ask your help to check if I’m in the right direction and also offer solutions for some problem that I couldn’t find a solution.
-As far as I understand, the way to get an access from a Shopify store is to create a Shopify App. Since, I’d like to access different stores, I need a public application. On the other hand, this is not a standalone application, I don’t think I need to promote it in Shopify Store, because the application wouldn’t do anything if a Shopify customer installs this application to their store without having an account on our system. Basically the application will be a proxy for us to be able to make API calls. As a result, it can be a public unlisted application.
-Even though this is not a listed application, it will go through an approval process since it’s a public application. I’m wondering what kind of things will be checked for this application since there will be no user interface on Shopify side. There will be several scripts running periodically to send/receive information between Shopify and our system through Shopify API. Since this part is one of the most critical side and potentially time consuming part, I want to make sure that this is the right path and what kind of preparation I need to make to get an approval for such an application.
-I’m asking out of curiosity. Let’s say that I have received an approval for my application with its current status. Then, I’ll be making changes to these scripts when I need more functionalities for my integration. Since, this part seems to be out of Shopify’s control, is there any mechanism to make sure that the application is still reliable especially from security perspective or this is totally under developer’s responsibility.
-What I learned so far is that the application should be ready before getting the approval. However, in order to make it ready I need to be able to test it. While doing that I’d like to make an A to Z test including the part that the customer gives access right to my application, the part that I receive a token for this customer. For other tests, I guess I can use the development store option, but I’m not sure if I can get the token receiving part with a development store. The suggestion that I found was to create a Custom Application for making my tests since I already have a live store. As far as I understand, it’s like a public app but specific to a store or an organisation. I created a custom application for my live store and created an authorisation link with this format:
When I follow the link, I came to installation screen for this application; however, the Install button was grayed out. I checked the google but I couldn’t find a solution; so I couldn’t move forward with that approach.
-If what I have written so far makes sense, assuming that I get an approval for the public application; I need to get the shop name for my customers and create the authorisation link like above and they will install my application. Then, they will be redirected to my redirect url and I’ll be able to get the specific token for this customer and then I’ll be able to access their information via API. Is that the way to go?
I’m sorry if it’s a bit long post. Any help/comment will be appreciated.
Thanks in advance,
