Developer changelog
Subscribe to the changelog to stay up to date on recent changes to Shopify’s APIs and other developer products, as well as preview upcoming features and beta releases.
Storefront API allows for cross-origin resource sharing
API
Effective October 06, 2022
Requests made to Storefront API from SSL provisioned domains that are registered in the domains list on the Admin Panel will now return a two new headers:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: ${origin_domain}
With that mechanism in place, Storefront API securely shares resources such as cookies with the browser, allowing for cart events originated from API Clients other than Online Store to be accounted for in the conversion metrics out of the box, as long as the origin request complies with CORS policy.