Separate backend and frontend App integration

I’m really confused by docs.

I’m building backend App (kotlin, spring boot) and then there’s also Embedded App (react, AppBridge) for customization.

In Shopify Partners I created App and I got Client ID and Client Secret from it.
In Configuration I set App URL (that’s frontend) like https://frontend.example.com/
Then in Allowed redirection URL(s) I set https://backend.example.com/api/oauth/callback, right? And upon installation, Shopify will make an OAuth callback to my backend where I validate request, register the store etc.

Well that last part doesn’t work. Shopify never makes any request to my backend. Upon instllation it just redirects to Embedded App in Shopify Admin.
And it’s driving me crazy, I don’t know what’s wrong there. URL is accessible, it’s secured https, it’s on my VPS (same as frontend).

For backend I should follow this guide, right?

I guess I can’t use Shopify Managed Installation (toml file) for Kotlin/Spring backend.

Hi @Martin_Machava

The OAuth flow is now legacy functionality. It’s not enabled by default in your shopify.app.toml.

The new flow handles OAuth for you, and just opens your application_url where the session token will be provided through AppBridge on the frontend.

However, if you’d like to handle OAuth end to end yourself, you can enable it with use_legacy_install_flow=true in your TOML file under the access_scopes section:

But I really don’t recommend it. I’ve switched from handling OAuth myself for years and the managed installation takes a lot off of your plate.