APC 123
Documentation
DocumentationInstallation

Installation

Last updated -

The installation process is quick and simple, requiring no data entry. In just a few clicks, you'll have the app installed and ready to use.

Secure Installation

To install APC 123, head to the Shopify App Store. Each listed app, including APC 123, undergoes a rigorous 100-checkpoint review before being available for installation, ensuring reliability and security. This comprehensive evaluation guarantees that APC 123 meets Shopify's high standards, providing users with a trusted and dependable experience.

APC 123 App Installation Overview

App Permissions

Permissions within APC 123 determine the types of information the app can access or modify in your Shopify store to execute its functions. During the app's installation, you'll have the chance to review and approve these permissions. After installation, you can easily revisit and review the permission details by navigating to Apps > About page.

The permissions necessary for app functionality include:

  • View customers
  • Edit / view orders (pertaining to the last 60 days)

These permissions are crucial for specific features within the app and are solely utilized to enable these functionalities.

APC 123 App Installation Permissions

App Privacy Details

APC 123 requires access to the following types of personally identifiable information (PII):

  • Customer personal information: This includes contact details like name, email, phone number, and address. Apps managing orders, fulfillment, or shipping also require access to location information (physical address, IP address and geolocation) and device information (browser and operating system).
  • Shopify store owner personal information: This encompasses contact information for the store owner, including name, email, phone number, and addresses of all associated locations.
APC 123 App Installation Privacy Details
Please note that all apps installed via the Shopify app store have access to PII about your Shopify account, including your contact information and location.

Authorization

OAuth 2.0 is the industry-standard protocol for authorizing or giving permissions to apps. This framework enables third party applications to obtain limited access to your store.

The OAuth Flow

Shopify uses OAuth 2.0's authorisation code grant flow to issue access tokens on behalf of users. The OAuth flow is used so that users can authorize Shopify apps to access data in a store. For example, an app might be authorized to access orders and product data in a store.

  • The user makes a request to install the app.
  • The app redirects to Shopify to load the OAuth grant screen and requests the user to authorize the required permissions.
  • The user authorizes the app by consenting to the requested permissions.
  • The app receives an authorization grant. This is a temporary credential representing the authorization.
  • The app requests an access token by authenticating with Shopify and presenting the authorization grant.
  • Shopify authenticates the app, validates the authorization grant, and then issues and returns an access token. The app can now request data from Shopify.
  • The app uses the access token to make requests to the Shopify API.
  • Shopify validates the access token and returns the requested data.

Session Tokens

A session token serves as a vital authentication mechanism for embedded apps, ensuring secure communication between the client-side and the app's backend.

Upon the app's initial load, it operates in an unauthenticated state. During this phase, the app verifies the presence of a valid session token associated with your store. If a valid token exists, the app seamlessly proceeds with loading the UI. However, if the session token has expired, the app initiates a request for a new token. In such cases, a security checkpoint screen will prompt reauthorization, validating and confirming the renewal of your tokens.

APC 123 Session Token Security Checkpoint
Session tokens expire either when the user logs out or after 24 hours.
Was this helpful?