No session or admin after authenticate of webhook request

Shopify Apps
,

Topic summary

Webhook authentication returned undefined session and admin after calling authenticate.webhook(request), despite the webhook being registered (in TOML and tried in server code). The session table in dev.sqlite was empty, and prior GitHub issue fixes (#796, #462) did not help.

Root cause: The app had been pruned to only handle webhooks, and the route app/routes/_index/route.jsx was removed. That route performs the token exchange needed to establish a session for the shop.

Resolution: Restore app/routes/_index/route.jsx and visit the embedded app page once in the merchant’s admin. This triggers the token exchange, creates a session, and subsequent webhook requests authenticate correctly (session/admin populated).

Notes:

  • “Token exchange” is the OAuth step where the app obtains tokens and establishes a session for the shop.
  • No additional admin configuration was needed beyond opening the app once to seed the session.

Status: Resolved by reinstating the index route and initiating the token exchange via the app page.

Summarized with AI on December 15. AI used: gpt-5.
1

We are trying to authenticate a session against Shopify on a incoming webhook request in our webhooks.jxs

    const result = await authenticate.webhook(request);
    ({ shop, topic, session, admin, payload } = result);

after this call session and admin are both undefined.

We have registered the webhook in our toml file - but also tried to do it in the shopify.server.js file.

We created the project a branch with the webhook solution on the app 2 month ago, at this point the solution was working, now it impossible to get to work.

We tried the solution listed in:
https://github.com/Shopify/shopify-app-template-remix/issues/796 and
https://github.com/Shopify/shopify-app-template-remix/issues/462
with no lock.

We have look in the dev.sqlite database, the session table is empty.

Any one that have any suggestion on what to do?

2

We only use our embedded app to receive webhook, we do not have any configuration within the Shopify shop admin.

For that reason we had pruned the app. In that process we removed

app/routes/_index/route.jsx

This is where the token exchange happen.

Adding that and going to the (empty) app page on the shop, add a session and it work on the following webhook request