session token authentication issue for built for shopify badge

Hey Shopify Support,

I’m experiencing a persistent issue with session token authentication for my recently published Shopify application, “SocialPilot” (https://apps.shopify.com/socialpilot).

App Details:

• Built With: Remix and Polaris components, based on the official Shopify app scaffold document: https://shopify.dev/docs/apps/build/scaffold-app
• Published App Link: https://apps.shopify.com/socialpilot
• Relevant Dependencies:
  • @Shopify_77 /app-bridge": “^3.7.10”
  • @Shopify_77 /app-bridge-react": “^4.1.6”
  • All other packages are also on their latest versions.

Problem Description: Despite following the session token authentication documentation (https://shopify.dev/docs/apps/build/authentication-authorization/session-tokens/set-up-session-tokens) and using the recommended Remix template, the session token authentication is not working as expected.

I’ve been monitoring the app’s behavior in a development store, and the authentication is consistently failing. This is preventing proper functionality within the embedded app.

Specific Observations/Attempts:

• I’ve confirmed that the app is embedded (isEmbeddedApp: true)
• I’ve tried reinstalling the app in development stores and clearing browser cookies.
• I’ve accessed the app multiple times in a development store to trigger Shopify’s automated checks for session token usage, and have waited for more than 48 hours.

Questions:

• Could you please investigate why the session token authentication is not being recognized/working for my published app?
• Are there any specific configurations or steps I might be missing, beyond the provided documentation, for a Remix app with the latest App Bridge versions?
• How can I reliably verify the session token authentication in my development environment (localhost) to ensure it’s functioning correctly before deploying changes? Are there specific console logs or network requests I should look for?

I am happy to provide any code snippets or further details from my implementation if needed. Thank you for your time and assistance.

Best regards,

Jay Khatri

Hi,

Thanks for the detailed description — it sounds like you’ve done a lot of the right things already. could you please share your server.js (or server.ts if you’re using TypeScript) file from your Remix app setup?

This will help me better understand how you’re initializing Shopify’s App Bridge and handling session token validation on the server side. Sometimes even small misconfigurations can cause these kinds of issues.

Feel free to redact any sensitive credentials before posting.
Looking forward to helping you get this resolved!

Hi Jigneshh,

Thanks for your message and willingness to help!

As requested, here’s my server.js file (we use JavaScript, not TypeScript, in this project). Let me know if anything stands out or looks off:

Let me know if you need anything else from me. I appreciate your help in investigating this.

Best,
Jay Khatri

Hi Jigneshh,

Thanks for your message and willingness to help!

As requested, I tried to share a file, but it went to spam

Let me know if you need anything else from me. I appreciate your help in investigating this.

Best,
Jay Khatri

import configSetting from "./config";
import "@shopify/shopify-app-remix/adapters/node";
import {
  ApiVersion,
  AppDistribution,
  shopifyApp,
  BillingInterval,
} from "@shopify/shopify-app-remix/server";
import { MongoDBSessionStorage } from "./db.server";

const shopify = shopifyApp({
  apiKey: process.env.SHOPIFY_API_KEY || "", // Your Shopify API key
  apiSecretKey: process.env.SHOPIFY_API_SECRET || "", // Your Shopify API secret key
  apiVersion: ApiVersion.October24, // Use latest API version
  scopes: configSetting.SCOPES, // Your required scopes
  useOnlineTokens: true, // Use online tokens
  appUrl: configSetting.SHOPIFY_APP_URL || "", //  Your app URL
  authPathPrefix: "/auth", // The path to start the OAuth process
  sessionStorage: new MongoDBSessionStorage(), // MongoDB session storage
  distribution: AppDistribution.AppStore, // App distribution channel
  billing: {
    ecom_essentials_monthly: {
      value: "2001", // membershipId
      amount: 20.0, // price
      currencyCode: "USD", // currency
      interval: BillingInterval.Every30Days, // interval after 30 days
      planId: "ecom_essentials_monthly", // planId
    },
    ecom_essentials_yearly: {
      value: "2002", // membershipId
      amount: 180.0, // price
      currencyCode: "USD", // currency
      interval: BillingInterval.Annual, // interval after 1 year
      planId: "ecom_essentials_yearly", // planId
    },
  },
  isEmbeddedApp: true,
  future: {
    unstable_newEmbeddedAuthStrategy: true,
    removeRest: true,
    unstable_tokenExchange: true,
  },
  auth: {
    exitIframeActionType: "redirect",
  },
  ...(configSetting.SHOP_CUSTOM_DOMAIN
    ? { customShopDomains: [configSetting.SHOP_CUSTOM_DOMAIN] }
    : {}),
});

export default shopify;
export const apiVersion = ApiVersion.October24;
export const addDocumentResponseHeaders = shopify.addDocumentResponseHeaders;
export const authenticate = shopify.authenticate;
export const unauthenticated = shopify.unauthenticated;
export const login = shopify.login;
export const registerWebhooks = shopify.registerWebhooks;
export const sessionStorage = shopify.sessionStorage;

I convert the image to PDF. And try to share