Hi Shopify Support,
I’m developing an app (App ID: 296854913025) and preparing it for submission. I’ve added the Privacy Policy URL in the app submission editor under the Privacy & Compliance section, and it’s saved successfully.
However, when I install the app in a test store, the installation screen shows “This app needs access to:” with the required permissions, but it does NOT display the expected message: “By installing you agree to [App Name]'s Privacy Policy and Terms of Service.”
What I’ve tried:
-
Added Privacy Policy URL in the app listing editor
-
Saved all changes
-
Uninstalled and reinstalled the app in a fresh development store
-
Cleared browser cache and waited several minutes between attempts
My questions:
-
Where exactly should the Privacy Policy URL be configured to trigger the consent message during OAuth installation?
-
Is there a separate configuration field (outside of the app listing/submission editor) where this URL needs to be added?
-
Does the app need to be submitted for review before this consent message will appear?
The app is currently in draft status. Any guidance on the correct location to configure this would be greatly appreciated.
Thank you!
Hi @Sanjeev_Kapoor
I believe the URL you add to this field will appear on the public app listing page here:
As well as being linked in the settings > app page:
Additionally, the intent of the privacy policy is to describe how your app or product collects and uses personal data. It is not an agreement that a merchant would need to opt in to.
As far as I know there is no way to customise the Auth screen. This is intentionally not available for customising so that it remains a familiar and consistent experience for merchants.
Hi Liam -
>> As far as I know there is no way to customise the Auth screen
Right, that makes sense.
Just to clarify - my app has not been reviewed yet and is currently in ‘Draft’ status. Would the draft status prevent the privacy policy URL from being displayed during installation?
Also, I’m unable to locate the ‘public app listing page’ that you mentioned with the fields you listed. Could you provide the specific path or URL where I can find this page in the Partner Dashboard?
Thanks, Sanjeev
Hi again @Sanjeev_Kapoor
So the link should appear here when installing the app:
But it is possible that it won’t appear until the app is actually reviewed and published - I’m digging into the logic for that now
Hi Liam -
>> But it is possible that it won’t appear until the app is actually reviewed and published
Right and I want to be sure whether that is the case!
Currently, I’ve added the Privacy Policy URL in the app submission editor under the Resources section in the ‘Privacy policy URL’ field.
However, I’ve seen guidance suggesting that for the consent message to appear during OAuth installation, the Privacy Policy URL may need to be configured in a separate location - specifically under App compliance, GDPR webhooks, or Protected customer data settings (separate from the app listing editor).
I’ve searched through the Partner Dashboard but cannot locate any of these sections or an alternative field for the Privacy Policy URL outside of the app submission editor.
My questions:
-
Is the Privacy Policy URL in the app submission editor sufficient, or does it need to be configured elsewhere for the OAuth installation consent message?
-
Will the consent message only appear after the app is reviewed/published, or should it work in draft status?
-
Where can I find the Terms of Service URL field? I don’t see this option in the submission editor.
Thanks for your help!
Sanjeev
Hi @Sanjeev_Kapoor
I can confirm that this policy link won’t appear on the auth page until the app is published - it won’t appear in draft mode.
Thanks for the update, Liam. I will retry once the app is published.
Hi Liam,
Thanks for confirming that the Privacy policy only appears once the app is live, had been wondering the same thing myself.
Could you also help me find out where to define the terms of service link that can appear on the app grant page, which is present for lots of public apps. There isn’t a dedicated field for it in the app distribution settings where the privacy policy URL is set.
Cheers!
