Hello, I’m working on a Custom App, and also I’ve created a node express API to handle all the business logic. On the backend API, when querying shopify objects through GRAPHQL I’m using the generated token in the Sessions database table. The problem is that to do this the embedded App needs to be running in order to generate the token; now I need to make some requests from the store online website to the backend API also, but, if the user is not using the embedded app then the token expires. I have read about the Oauth process provided in the development documentation and tried to implement it, but the process always need the user interaction to hit the login action. How can I use Oauth to Authenticate in my backend API and get the token to execute GRAPHQL queries without any user interaction?
Thanks in advance for your help!
A Session Token is not the same as an Access Token.
A Session Token represents a merchant staff member’s current session with your application.
Whereas an offline Access Token represents the OAuth provided access to the Shopify Admin GraphQL/REST APIs on behalf of that merchant.
You can exchange a Session Token for an offline Access Token using the dedicated API endpoint:
Lastly, there’s online Access Tokens as well. You can use online Access Tokens to infer more about the current staff member’s session. There’s details like their name, email address, etc.