Clarification on Shopify OAuth and Discount Code Generation Implementation (Non-Shopify Plus)

Authentication & Access
1

Hello everyone!

I’m currently working on integrating a custom Shopify app created through the Shopify Partner account. However, I’ve encountered some uncertainty around implementing OAuth 2.0 authentication and generating discount codes, particularly since I’m not using Shopify Plus.

OAuth 2.0 Implementation

I have created the app on the Shopify Partner Dashboard and selected a development store. However, I haven’t implemented the OAuth flow yet, and I need to confirm a few things:

  1. Redirect URL:
    When Shopify redirects the user back to my app after authentication, what should the redirect URL look like?
    Should it be something like https://myapp.com/oauth/callback, or do I need to configure this URL somewhere in the Shopify Partner Dashboard, and how is that URL set up in the backend of my app?
  2. Scope and Permissions:
    For the OAuth flow, I’m assuming I need to request permissions like read_products, write_orders, etc. Should these be passed as part of the redirect URL when initiating the OAuth process? And do I need to add these scopes in the Shopify Partner app settings?
  3. Access Token:
    Once I get the authorization code after the user’s approval, how do I exchange it for an access token to make authenticated API calls to Shopify?
    I believe this is done by making a POST request to the access_token endpoint, but should I expect to receive the access token as part of the redirect URL, or is it something I need to extract programmatically after the user is redirected?

Creating a Discount Code (Price Rule)

After obtaining the access token, I want to create a discount code. For this, I’m using Shopify’s Price Rule API. Here’s my approach:

  1. Creating a Price Rule (Discount Code):
    I send a POST request to the following endpoint:
POST https://{shop}.myshopify.com/admin/api/2024-10/price_rules.json

I pass the required payload to create the discount. Example payload:

{
  "price_rule": {
    "title": "Custom Discount",
    "target_type": "line_item",
    "target_selection": "all",
    "allocation_method": "across",
    "value_type": "fixed_amount",
    "value": -20,
    "once_per_customer": true,
    "customer_selection": "all",
    "starts_at": "2024-11-25T00:00:00Z"
  }
}

This creates a discount that applies to all items for all customers.

Questions/Confirmation:

  • Non-Shopify Plus Access: Since I’m not using Shopify Plus, I understand that I don’t have access to the discount_code endpoint directly. Is this approach correct to create a discount code without Shopify Plus?
  • Scope and Permissions: Is the scope I’m using (read_products, write_orders, etc.) sufficient for creating price rules, or do I need additional permissions for this action?
  • Rate Limits: Are there any considerations regarding API rate limits when creating multiple discount codes, and how can I handle this efficiently?

If anyone has worked with similar implementations or has advice on improving this flow, I’d love to hear your thoughts!

Thanks in advance for your insights!