Building Shopify Apps
Shopify apps are web applications that add functionality to Shopify stores. They can do this in several different ways:
- Reading and writing store data, either in response to user input or webhook event notifications
- Extending new features inside existing parts of the Shopify admin or POS
- Enhancing the way stores display information to customers
Developers host their Shopify apps on their own infrastructure. You can host your app anywhere, and build it with the tech stack of your choice.
Developers enjoy extensive access to Shopify’s platform. Before putting this power to work, make sure you understand your responsibilities as an app developer, and how Shopify enforces the rules of our platform.
Types of apps
Depending on the purpose of your app and how you’ll distribute or sell it, you first need to choose what type of app you’ll build. App types can’t be changed after the app has been created, so be sure you understand the different capabilities and requirements of each type. There are three app types:
Public apps are meant for developers who want to distribute their apps to many merchants. These are the key features of public apps:
- They can be installed on multiple Shopify stores
- They must go through Shopify’s app approval process
- You can sell them in the Shopify App Store
- They manage authentication with OAuth 2.0
- They’re created and managed in your Partner Dashboard
- They can use Shopify App Bridge to appear as an embedded app in the Shopify admin
- They can use app extensions to extend the Shopify admin UI
Tutorial: Authenticate a public app with OAuth
Listed vs. unlisted public apps
Every public app that passes Shopify’s approval process has a profile page on the Shopify App Store. You can choose to make your app’s profile page listed or unlisted. Which one you choose depends on your business model and how you want to promote and sell your app. You can change your app’s listing status at any time.
Learn more: Visibility in the Shopify App Store
Custom apps are meant for developers building an app tailored for a single merchant. These are the key features of custom apps:
They can be installed on a single Shopify store
They don’t go through Shopify’s app approval process
You can’t sell them in the Shopify App Store
You can’t use the Billing API to charge merchants for them
They manage authentication with OAuth 2.0
They’re created and managed in your Partner Dashboard
They can use app extensions to extend the Shopify admin UI
Tutorial: Authenticate a custom app with OAuth
Private apps are meant for developers building an app for a merchant with specific requirements not met by custom apps. These are the key features of private apps:
- They’re created for a single Shopify store, or a small group of clients
- They don’t go through Shopify’s app approval process
- You can’t sell them in the Shopify App Store
- Manage authentication with basic HTTP authentication
- They’re created and managed in the merchant’s Shopify admin
Anatomy of a Shopify app
All Shopify apps are web applications. As an app developer, you control your own infrastructure and host your own services. When a merchant installs your app, Shopify grants your app access to certain store data.
Standalone apps have the following common features:
- They're authenticated and interact with Shopify APIs.
- They aren’t embedded in the Shopify admin.
- They expose their own user interface, on their own web domain.
- When Shopify merchants open a standalone app in the Shopify admin, it opens in a new browser tab.
- Standalone apps can’t use app extensions to add features to the Shopify admin or POS.
Embedded apps have the following key features:
- They use session tokens to authenticate.
- They're hosted on your own infrastructure, but display directly in the Shopify admin or POS inside an iframe.
- They have access to app extensions.
About app extensions
App extensions let you extend your app’s functionality and UI into different areas of Shopify, including the Shopify admin, POS, Flow, and online store. For example, you could add a bulk action link to the actions dropdown on the Products page of the Shopify admin, allowing merchants to edit multiple products simultaneously. By using app extensions for your apps, you can offer value to users within their existing workflows in Shopify.
Developers can extend or add new features to Shopify POS. Review Shopify App Bridge for details on which features can be customized.
How merchants manage their apps
Merchants manage apps by installing them in their stores, authorizing Shopify to share certain data with that app. Installation varies for public and private apps.
Installing public apps
Public apps are installed using OAuth. During installation, a URL is displayed to the merchant to request specific API access scopes. Provided that the merchant grants the requested access, then the app can be installed.
The installation process can be initiated with any web link. However, listing in the Shopify App Store is the best way to reach the greatest number of potential customers.
Installing custom apps
Custom apps can only be installed by a single Shopify store, via a generated install link tied to the merchant's store URL. To test your custom app without limits on installations, you should install it on a development store.
Before you generate an install link, you'll need to know the merchant's myshopify.com URL. When your app is ready for merchants to use, follow these steps to create a one-time install URL:
- Click 'Generate Link' on your app's overview page
- Enter the merchant's myshopify.com URL
- An install link will be generated, which must be manually sent to the merchant for installation
Installing private apps
Private apps use basic HTTP authentication with credentials generated by a single store. If the app has a valid API key and secret for that store, then it has access to the store’s data.
How apps get uninstalled
Merchants can delete apps from their stores at any time. Deleting an app revokes API access tokens for that store, stops subscription payments, and generates an uninstall webhook.
Uninstall events also occur when a Shopify store using an app is closed or suspended. Refer to the Webhook for more information.