Table of Contents

Shopify Public and Private Apps

Colin Updated by Colin

ShipStream's Shopify Plugin supports authentication both with and without OAuth. OAuth is an authentication workflow whereby the user can authorize an application by approving an app as an authenticated Shopify user and without sharing their login credentials or directly copying and pasting an API key.

Which should I choose?

OAuth 2.0 authentication is required for "Public apps" and "Custom apps" and is the recommended way to manage integrations for 3PLs who want to offer an app to their customers on the Shopify App Store, whether it is Listed or Unlisted. For merchants that have no need for a public Shopify app, it will be easier to not use OAuth and to instead create a Private app.

Please see Types of apps for a more detailed description of the differences between the types of Shopify apps.

The "Use OAuth" configuration is a global configuration. You can switch modes at any time and subscriptions that are already connected will continue to work but new subscriptions will have to be connected using the current mode so it is recommended not to change this setting frequently.

Public App Setup (Using OAuth)

To create a Public app you must first sign up as a Shopify Partner for your company. In your Shopify Partners dashboard click "Apps" and then "Create app" to begin the process. The urls for your App setup will be supplied in the Shopify Plugin section of the ShipStream configuration under System > Configuration > Plugins/Webhooks > Shopify Plugin.

Your Shopify app must be approved by Shopify before it can be used for more than one store so be sure to account for 1-2 weeks for the approval to be completed.

Once approved, your Shopify users will be able to connect their stores by visiting the app listing to install your app, or by clicking the Connect button on ShipStream's Edit Subscription page.

Private App Setup (Not using OAuth)

If not using OAuth then you can add a Subscription for the Shopify plugin in ShipStream and simply obtain a Private App Access Token and paste this into the Subscription's Plugin Configuration section.

Obtaining a Private App Access Token

To obtain a private app access token go to your Shopify store's admin panel and click "Apps" and then "Develop apps".

Click "Enable private app development" and read the terms carefully and accept to continue.

Click "Create private app" to create your private app for use with ShipStream and provide a name and contact email.

Set all of the appropriate permissions for the app by clicking "Configure Admin API scopes".

The permissions required by the Shopify Plugin are:

  • Assigned fulfillment orders: Read and write
  • Fulfillment services: Read and write
  • Inventory: Read and write
  • Orders: Read and write
  • Products: Read access
  • Shipping: Read and write

The Storefront API access is not needed and can be left unconfigured.

After clicking Save, the API Key and API Secret key will be generated by Shopify. Go to the "API credentials" tab to view and install the app to your store. To generate the "Admin API Access Token" click "Install app" and confirm.

After confirming, a hidden "Admin API access token" will be visible. This Token can only be made visible once. Please be ready to save this to a secure location in case it is ever needed a second time. Copy and paste this "Admin API access token" into the ShipStream "Custom App Access Token". Also, copy the "API Secret Key" and paste this into the "Custom App Secret Key" field in ShipStream.

How did we do?

Contact