You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We make first shopify installation app request like this http://shop-name.myshopify.com/admin/api/auth?api_key=xyz from install.php file.
After this we make second request https://shop-name.myshopify.com/admin/oauth/authorize?client_id=$api_key$scopes$redirect_uri
from oauth.php file.
Why do we need this first request? Could we just start installation process without this first request?
The text was updated successfully, but these errors were encountered:
@KozakRoman the first auth compares your api key and shared secret to shopify to determine if it is a valid request
Then Oauth sends request back to shopify for permissions to use such as "read_content" (aka scopes) etc...
Please see this for the steps on auth. https://help.shopify.com/api/guides/authentication/oauth
Keep in mind that a private app has full access to all scopes and then some. So, be careful how you handle the api key and secret. If these are exposed, your shop could be compromised by a knowledgeable attacker.
We make first shopify installation app request like this
http://shop-name.myshopify.com/admin/api/auth?api_key=xyz
from install.php file.After this we make second request
https://shop-name.myshopify.com/admin/oauth/authorize?client_id=$api_key$scopes$redirect_uri
from oauth.php file.
Why do we need this first request? Could we just start installation process without this first request?
The text was updated successfully, but these errors were encountered: