There are a few open threads / Github issues about others experiencing the same issue as I, where using the new open() function is breaking auth headers and causing issues:
- Internal link navigation · Issue #344 · Shopify/shopify-app-bridge · GitHub
- Re: How do I navigate to a page within my Admin app using App Bridge 4? - Shopify Community
Basically, using NextJS redirect or the old app bridge redirect function properly keeps the required auth headers that we use for verification. For whatever reason, the window.open() strips this, causing issues.
Has there been any progress on this or any solutions?