Setup
Connect to your Shopify app for OAuth.
To setup your Shopify app in Cobalt for OAuth, you will need the following credentials from your Shopify Partner Dashboard:
- Client ID
- Client Secret
- Scopes
Pre-requisites
- Shopify Developer account or Shopify Partners account. You can create one here.
- Shopify development store. Follow the steps here to create a development store.
Creating an app in Shopify
To create a Shopify app and aquire the above mentioned credentials, please follow the steps mentioned below:
- Log in to your Shopify Partner Dashboard.
- Click on
Apps
in the left menu of the Dashboard.
- Click on the
Create App
button in the top right and chooseCreate App Manually
. - Enter the unique App Name for your application and click on
Create
. - In Cobalt, go to your
Apps catalog
> Search forShopify
>Settings
>Use your credentials
>Callback Url
. Copy the Callback URL as provided in your Shopify settings page. - In the App settings in Shopify Partner Dashboard, navigate to
Build
>Configuration
>URLs
section > Remove the default URL present inAllowed redirection URL(s)
> Paste the copied Callback Url > Click on theSave and Release
button in the top side >Release
.
- Navigate to
Overview
in the left menu and copy the Client ID and Client Secret from the Client credentials section.
Configuring credentials in Cobalt
App settings page lets you configure the authentication settings for an OAuth2
based application. For your customers to provide you authorization to access their data,
they would first need to install your application. This page lets you set up your application credentials.
Cobalt lets you use pre-configured applications to play around. You can do so by selecting Use our credentials
. However, if you wish to use your own application,
select Use your own credentials
. Provide the aquired Client Id and Client secret and save it.
Configuring Scopes
Cobalt lets you configure what permissions to ask from your users while they install your application. The scopes can be added or removed from the App settings page, under Permissions & Scopes
section.
For some applications Cobalt sets mandatory scopes which cannot be removed. Additional scopes can be selected from the drop down. Cobalt also has the provision to add any custom scopes supported by the respective platform.
Once the scopes has been added to the application in Cobalt, the app will now request for access of the mentioned scopes.
If you are facing scopes missing or invalid scope error. Make sure you are not passing any custom scope not supported by the platform.
Access to protected customer data
Some Shopify APIs alongwith the scopes, also require access to protected customer data. For eg. Abandoned checkouts, Draft Order etc.
To Request Access of protected customer data:
- In the left menu of the App, select
API access
. - Scroll down to
Access requests
section >Protected customer data access
>Request access
.
- Select
Protected customer data
, provide your reasons for using it, and clickSave
. - Complete rest of the requirements and submit the app for review.
Managing Distribution of the Shopify App
To setup Shopify App Distribution:
- In the left menu of App settings, navigate to
Release
>Distribution
. - Choose
Public distribution
fromSelect a distribution method
.
You can’t change the distribution method after you select it, so make sure that you understand the different capabilities and requirements of each type.
- Click on
Select
and confirm the distribution selected.
Going Live with Shopify
Once you have tested the Shopify integration with Cobalt using a test shop, it is time to publish your application so that other production shops of different organizations can install/authorize your application.
Shopify mandates publishing and listing of your application in order to be installed by other users from different organizations. This requires a review from the Shopify team who make sure that the application is installed through their marketplace as well and not just through the installation URL generated through Cobalt’s SDKs.
To list your application on Shopify, the following steps need to be followed:
1. Setup App URL page
As soon as the user clicks to install your application on Shopify’s marketplace, they are redirected to the App URL
provided by you in the Shopify app configuration.
Make sure a page exists for the URL provided or create a new page. This page would be responsible for handling installation requests.
When the user is redirected to the App URL
page, you can access the shop_name from the URL argument shop
.
Create another page to handle the redirect URL. Then using the Redirect page URI, Client ID, Shop name and required scopes, generate the following Shopify auth URL
and open it in the browser for the user redirected to the App URL page. This opens up the Shopify permission page.
2. Setting up Redirect URL page
In the previous step, we created a page to handle redirect URI and used that to generate the Shopify auth URL. Add the Redirect URL as one of the Allowed Redirection URLs
in the application configuration.
Once the user allows permissions from the Shopify permission page, the user is redirected to to this page. The URL consists of the shop name and a code.
3. Acquiring access token from redirect URL
Make use of the shop name and code from the previous step to make an API call to get the Access token.
Replace the Client ID
and Client Secret
with your valid credentials. This will provide you with a response consisting of the access token
and shop name
. Migrate the acquired token to Cobalt.
4. Migrating access token to Cobalt
Once the access token is acquired, send it to Cobalt for further handling API authentications, token expiries and retries.
Replace the API key, linked account ID, access token and store name with the valid values.
5. Subscribing to mandatory privacy webhooks
Shopify requires you to provide compliance webhook URLs to publish applications to the marketplace. They use this webhook URL to notify regarding Customer data requests, Customer data erasure, and Shop data erasure so that relevant action be taken.
Copy the Single webhook URL
from the Cobalt Shopify app setting page and paste them as Shopify Compliance webhooks
URLs in the Shopify app configuration page. Click Save and release
at the top to save your changes.
- Creating workflows to respond to privacy webhooks
Next, create 3 workflows that listen for these triggers in the workflow builder and publish them for all users:
- Customer data request (Customer Data Requested Trigger)
- Customer data erasure (Delete Customer Data Requested Trigger)
- Shop data erasure (Delete Shop Data Requested Trigger)
Actions and triggers
Once the above setup is completed, you can create orchestrations of your use-cases using Shopify actions and triggers. Following are the set of Shopify actions and triggers supported by Cobalt.