FROM CACHE - en_header

Do I register for GDPR Hooks?

MartinGlenware
Shopify Partner
35 0 7
‎11-07-2019 04:54 AM

Do I register for GDPR Hooks?

Hi

Im reviewing my GDPR hooks code against the Shopify tutorial -

 

https://developers.shopify.com/tutorials/build-a-shopify-app-with-node-and-react/listen-for-store-ev...

 

One thing Im not clear on is whether I need register the mandatory hooks, or are they preregistered?

 

If I consider the server.js example in the above tutorial then would I expect an implementation like -

  • customers/redact - Requests deletion of customer data.
  • shop/redact - Requests deletion of shop data.
  • customers/data_request - Requests to view stored customer data.

Id expect the code to be -

 

  server.use(
    createShopifyAuth({
      apiKey: SHOPIFY_API_KEY,
      secret: SHOPIFY_API_SECRET_KEY,
      scopes: ['read_products', 'write_products'],
      async afterAuth(ctx) {
        const { shop, accessToken } = ctx.session;
        ctx.cookies.set("shopOrigin", shop, { httpOnly: false });

        const registration = await registerWebhook({
          address: `${HOST}/webhooks/products/create`,
          topic: 'PRODUCTS_CREATE',
          accessToken, shop, apiVersion: ApiVersion.October19
        });

        const registrationRedact = await registerWebhook({
          address: `${HOST}/webhooks/customers/redact`,
          topic: 'customers/redact',
          accessToken, shop, apiVersion: ApiVersion.October19
        });
        
        await getSubscriptionUrl(ctx, accessToken, shop);
      }
    })
  );

  const webhook = receiveWebhook({ secret: SHOPIFY_API_SECRET_KEY });

  router.post('/webhooks/products/create', webhook, (ctx) => {
    console.log('received webhook: ', ctx.state.webhook);
  });
  
  router.post('/webhooks/customers/redact', webhook, (ctx) => {
    console.log('received webhook: ', ctx.state.webhook);
  });

Is this correct?

 

1,660 Views
Report
Replies 4 (4)
JoshuaSarros
Shopify Partner
80 8 23
‎11-07-2019 07:47 AM

Re: Do I register for GDPR Hooks?

Hey 🙂

 

I just went through this recently myself. My understanding is that you cannot register the GDPR URLs in the same was as ordinary Shopify webhooks. You have to implement your own endpoints and provide the three URLs to Shopify when creating the app.

 

Even though they are custom URLs, the calls to them can still be validated to make sure they come direct from Shopify in the same way that webooks are validated.

 

Hope that helps! Let me know if I can clarify anything! 

Joshua Sarros - Freelance Web Developer from Melbourne, Australia
joshuasarros@gmail.com
1,632 Views
Report
muhaimin
Shopify Partner
2 0 1
‎02-01-2020 12:02 PM

Re: Do I register for GDPR Hooks?

I am also currently reviewing my GDPR webhooks implementation of my app.

What I see is that Shopify already registered the webhooks as default and you need to provide your endpoints URL in the Shopify Partner -> App -> Your App -> App Settings.

Then Shopify will send a POST request to your those endpoints, but the caveat in this is that you can’t include the route for the endpoints in your Nodejs/Koa server (if you follow the tutorial) because there is no shop query and OAuth coming from Shopify.

I will try to create endpoints in a separate server/environment (planning on using google Cloud Functions) for this and see if it works.
1,407 Views
Report
MartinGlenware
Shopify Partner
35 0 7
‎02-05-2020 03:55 AM

Re: Do I register for GDPR Hooks?

Hi

 

I ended up writing a little script to generate the shopify checksum for my GDPR messages to allow me to test this

 

The advantage was that I could send multiple messages to the endpoint through a rest client so sped up development

 

I need to post the script or do a blog post

1,381 Views
Report
theptrk
Tourist
9 1 3
‎12-02-2020 03:58 AM

Re: Do I register for GDPR Hooks?

I'm still struggling to implement webhooks from the shopify koa sample application. 

Should I still use this pattern?

 

  const webhook = receiveWebhook({ secret: SHOPIFY_API_SECRET });
  router.post("/gdpr/shop/redact", webhook, (ctx) => {
    console.log("received webhook: ", ctx.state.webhook);
    ctx.body = { message: "No shop data is stored" };
  });
791 Views
Report

Community Blog Articles

Trevor_0-1658936764652.jpeg

How you can use PayPal to accept payments and pay your Shopify bill

Connect your PayPal account to allow your customers to checkout using the PayPal gateway a...

By shopify staff Ollie Jul 28, 2022
Ollie_0-1655835122068.jpeg

Improving your online store speed

Your online store speed can enhance your store’s discoverability, boost conversion rates a...

By shopify staff Ollie Jun 30, 2022
woman-holding-mobile-phone.jpg

Optimizing Storefront for Mobile Shopping

Shopping is at our fingertips with mobile devices. Is your theme optimized to be user-frie...

By shopify staff Holly Jun 24, 2022
Terms of Service Privacy Policy