Protected customer data submitted for more than 2 months

Retired Boards Appdev Authentication

Topic summary

Delay and uncertainty around approval for access to protected customer data required by Shopify API REST 2023-01. One app reports submitting the request on Feb 23 and, after 2 months, has received no update, asking for the expected review timeframe.

Additional participants seek clarification on meeting the requirement to “Encrypt data at rest and in transit,” and report experiencing the same lack of feedback.

A screenshot of the submission status is included but adds no concrete timeline details.

No official response, decisions, or guidance provided. Key open questions: expected review/approval timeframe and specific steps or evidence needed to satisfy the encryption requirement. The discussion remains unresolved.

Summarized with AI on January 12. AI used: gpt-5.
1

Hello there.

We have a print-on-demand app which we use to manufacture and fulfill decorated apparel for brands and stores. We are updating our service to start using API REST 2023-01 version, which demands protected customer data to be submitted.

I have already submitted access to protected customer data since Feb 23. It has been 2 months and I did not receive any updates or feedback about the submittion.

Does anyone know which is the timefrime for the Shopify Team to review it and give me feedback about it?

merchadiseapp_0-1682348730496.png
merchadiseapp_0-1682348730496.png870×332 31.2 KB

2

Hi, how did you solve this? "Encrypt data at rest and in transit"

3

Same issue here.