API authentication/authorization within Shopify app

I am new to Shopify and planning to make a Shopify App that will be powered by external API that I own,

What is the best practice for using external APIs when it comes to authorization / authentication?

Should I go with Oauth2, JWT or something else?

If I’ll go with Oauth2, how accustomed are Shopify shop owners with Oauth verification routine?

Thanks in advance!

Alex

Hi @Aliaksandr

This is Kate from PageFly - Landing page builder, I’d like to suggest this idea:

The best practice for using external APIs in Shopify is to use OAuth 2.0 for authorization and authentication. OAuth 2.0 is an industry-standard protocol for authorization and is widely supported by Shopify. It allows for secure, user-authorized access to third-party APIs.

JWT (JSON Web Tokens) can also be used for authentication and authorization, but it is not as widely supported by Shopify.

Shopify shop owners may not be familiar with the OAuth 2.0 verification routine, so it’s important to provide clear instructions and make the process as seamless as possible for them. Shopify also provides documentation and support for developers to help them implement OAuth 2.0 in their apps.

Thanks Kate, this is exactly what I was looking for, have a great day!

Hi @Aliaksandr
Where you able to achieve this?
I’m kind of stuck, I have my API which contains a /auth method which will handle the shopify OAUTH. But the frontend is a react app served elsewhere. I’m unable to make the app redirect to the frontend after successful Shopify Auth.