App Bridge is meant for browser/client-side use in embedded apps.
For a non-embedded app like yours, you can take this approach:
-
INSTALLATION
→ You share the installation link generated in Partner Dash with merchant
→ Merchant uses installation link
→ Shopify redirects to your application_url -
YOUR APP
→ Checks for existing session
→ Redirect to OAuth if no existing session -
OAUTH FLOW
→ Your /auth/start endpoint redirects to Shopify’s authorize page
→ Merchant approves
→ Shopify redirects to /api/auth endpoint with authorization code -
TOKEN EXCHANGE
→ Your /api/auth endpoint exchanges code for access token
→ Store the token securely -
API CALLS
→ Load stored token
→ Include in X-Shopify-Access-Token header
Hope that helps, let me know if you need me to clarify anything