This morning I discovered our OAuth flow for installing apps is broken. The issue appears to be on Shopify’s end. Shopify asks me to log in after initiating the request, and from the log in page I am redirected to:
https://consignify.myshopify.com/admin/auth/login?login=<MY_EMAIL>&st_source=merchant_space_stores&redirect=oauth%2Fauthorize%3Fstate%3D14a33e32d3386d6f45c1c30c02abbc37160b3293ba5ba61f5be5e52c8dc57aea%26client_id%3D7cd48fe87ec3c9288ed05bcb6139c257%26redirect_uri%3D<OUR_DOMAIN>2F%26scope%3Dread_locations%252Cread_products%252Cwrite_products%252Cread_orders%252Cwrite_orders%252Cread_inventory%252Cwrite_inventory%252Cread_customers%252Cwrite_customers&from_identity=true
This endpoint returns the header Location: [https://admin.shopify.com/store/](https://admin.shopify.com/store/)<MY_STORE> rather than the app installation page. This is happening consistently regardless of which test store we use, although it might be limited to test stores, since our customers seem to be able to link their stores ok.
This issue has been happening off and on for months now. Sometimes we get the above behavior, and sometimes the redirect sends us to an install page for a completely different app! Our code has not changed, so unless there was a recent update, this issue is on Shopify’s end.
Shopify staff: can you help us resolve this? We can’t do any development in the meantime because we can’t link our app to a development store, and I’m afraid this is affecting real customers as well.