What does the standard install process for a Shopify app mean?

Shopify Apps

Topic summary

Shopify rejected an app during review for violating installation requirements. The rejection message states apps cannot request a merchant’s .myshopify.com URL directly and must use the standard install process from the app listing.

Current problematic workflow:

  • Users enter their store domain on an external portal
  • App creates authorization link and redirects users to authenticate
  • After authentication, app requests access token to fetch merchant orders

This violates Shopify’s policy requiring all installations to be initiated within the Shopify App Store itself.

Correct OAuth flow:

  1. Merchant initiates installation from Shopify App Store
  2. Shopify sends request to app endpoint with shop, timestamp, and hmac parameters
  3. App validates request and redirects to Shopify Admin API with required scopes
  4. Shopify prompts merchant to review scopes and authorize
  5. After authorization, Shopify sends request back to app with access token

Unresolved challenge: Multiple developers report the same issue, particularly for apps not yet listed in the Shopify App Store. Without an official app listing, there’s no install link for merchants to initiate the standard process. No clear solution has been provided for pre-listing development scenarios.

Summarized with AI on November 10. AI used: claude-sonnet-4-5-20250929.
5

We are in the same boat. Can anyone please give a solution for this? As our app is still not listed on the Shopify app store, there is no app install link or page in the Shopify app store. With our current application, we are taking the store name as input and then proceeding with the authentication part. But, Shopify rejected our app for this flow, they are saying that all the must be installed via the app store.

How to achieve this?