Hi, might be a silly question but I couldn’t find verification of this anywhere. Do post purchase extensions support server side backends? Either hosted by shopify or in my own cloud like with a normal shopify app? Since the extension seems to be hosted using the app bridge it seemed like it might not support a backend concept. Basically we want to create a post purchase page to allow the customer to opt in to a certain service after the order and need to make an external api call with some basic customer information, either straight to an external api or to an app backend which could then make the api call. I was figuring CORS would block any non shopify api call. Just want to verify if it is at all possible to somehow have an associated backend and what the best way is. Thanks.
Topic summary
Main issue: whether Shopify post-purchase extensions can use a server-side backend and make external API calls, and if CORS would block non‑Shopify APIs.
Update/answer: Post-purchase extensions can query your own backend. CORS (Cross‑Origin Resource Sharing) is governed by the target server; adding an Access-Control-Allow-Origin header to your API responses enables cross-origin calls from the extension.
Implications:
- You can call an external API directly from the extension or route the call through your own app backend, provided CORS is configured on the server you control.
- The extension’s use of App Bridge does not preclude backend interactions.
Technical notes: CORS is a browser security mechanism that permits cross‑origin requests when the server explicitly allows them via response headers.
Status: Feasibility and CORS concerns are addressed. Availability of a Shopify‑hosted backend for post‑purchase extensions is not confirmed; that part remains unanswered.
Yeah, you can query your own backend in a post-purchase extension.
“I was figuring CORS would block any non shopify api call”
That’s not exactly how CORS works. It’s up to the server owner (you) to add an access-control-allow-origin header to your API responses.