I need to call my application’s local HTTP endpoint from my REST API, but Shopify doesn’t allow non-HTTPS requests. Is there a workaround for this during development?
Hey @Ismail_GM,
There’s a couple different tools that you can use to have SSL when developing locally. Each of the tools act as a proxy that sits between your browser and the local development server; when they receive a request it’s SSL but then the make a plain-text request to your server, and pass back the content encrypted:
Browser --HTTPS-→ Proxy --HTTP-→ Local dev server
Three tools that should work are:
- Caddy is a free tool that you can run locally on your machine with SSL. The one disadvantage (maybe) is that your development server will not be accessible from the internet. This means that you’ll be able to test your app’s UI just fine, but you won’t be able to receive webhook messages with just Caddy.
- ngrok is a well-known tool that will give you a web-accessible SSL URL that points to your local dev serve. You run the tool locally and then you, and anyone else, can access your local dev server at a URL like
https://random-subdomain-abc.eu.ngrok.io. This is good because you can also test webhooks. It’s easy to set up and there is a free version but the downside with it is that your subdomain will change each time you start the app - Cloudflare tunnels are a newer option. I haven’t used them myself, and I think it’s a bit more complicated to setup, but it seems like the free tier might be a little better.
My recommendation would be to try ngrok since you can also test out your webhooks that way, but any of these tools should help out.
Best,
Daniel
Thanks, Daniel. I tried all those tools, and you’re right about each method’s pros and cons. I will stick with Ngrok for now, even though the fact that the URL changes every time is a little bit annoying.