This warning in the docs in extra confusing regarding partial implementation, completing the checkout . Even jumping to the webUrl after creating/logging in a customer with the storefront api will always require the customer to log back in ? Won't it make first login look like phishing?
Are you integrating the storefront API into an existing website outside of Shopify or into your Shopify theme? What is your intended outcome? Are you looking to send users to the checkout?
Are customer accounts going to be required for this implementation? If not, you should not run into roadblocks with the extra login.
The storefront is a GraphQL API - and therefore you can get as much or as little information as you need. There is no problem with only utilizing pieces of data that is needed.
I want to integrate the storefront API into an existing website outside of Shopify and then run the shopify store on a subdomain of my existing domain.
I want to display the cart total and the user login name in the header of my existing website.
I want users to be able to add products to their cart from my existing website.
I want users to be able to view their cart contents on the shopify subdomain.
I want users to be able to checkout on the shopify subdomain.
I want users to be able to create accounts and or login, maybe from either the existing website or the subdomain.
The problem seems to be that customer accounts logged in through the api on an existing site are incompatible with customer accounts logged into on the subdomain. Is that correct?
My understanding of the available APIs is that identity federation is only supported in Shopify Plus. There is no way to securely pass user identity in a session unless you are on mobile, or use a web view that supports sending a customer header to the checkout's webUrl.