---
title: Custom backend
description: >
  You can use a custom backend to handle requests from your Mini. This page
  describes how to connect to your backend and verify requests.
api_name: shop-minis
source_url:
  html: 'https://shopify.dev/docs/api/shop-minis/custom-backend'
  md: 'https://shopify.dev/docs/api/shop-minis/custom-backend.md'
---

# Custom backend

You can use a custom backend to handle requests from your Mini. This page describes how to connect to your backend and verify requests.

***

## Verifying requests

You can verify a request originates from a user in the Shop app by attaching a temporary token to the request inside the Mini and exchanging it for a user identifier on your backend.

1. Generate a temporary token using the [`useGenerateUserToken`](https://shopify.dev/docs/api/shop-minis/hooks/usegenerateusertoken) hook.
2. Attach the token in the headers of your [`network request`](https://shopify.dev/docs/api/shop-minis/network-requests).
3. Verify the token using the [`userTokenVerify`](https://shopify.dev/docs/api/shop-minis/minis-admin-api/mutations/usertokenverify) mutation in the Shop Minis Admin API.

This is useful for identifying the user making the request and for rate limiting requests to your backend.

**Setup your Mini:**

You must run the [`setup`](https://shopify.dev/docs/api/shop-minis/commands/setup) command before you can use the [`useGenerateUserToken`](https://shopify.dev/docs/api/shop-minis/hooks/usegenerateusertoken) hook.

**Caching lookups:**

Ensure you cache the token exchange lookup to avoid unnecessary requests to the Shop Minis Admin API. You can use the `tokenExpiresAt` field in the response to invalidate the cache when the token expires.

***

## Identifying users

If you need access to the user's `publicId`, include the `openid` scope in your [`manifest.json`](https://shopify.dev/docs/api/shop-minis/manifest-file). `publicId` will allow you to identify users across Minis.

***

## Example

This [`reference implementation`](https://github.com/Shopify/shop-minis/blob/main/supabase/README.md) shows how to securely authenticate Shop Mini users and process their requests using Supabase Edge Functions. This guide can be extrapolated to other backend services.

***