These requirements ensure that merchants can quickly set up and begin using your app. The installation requirements outline the proper flows for authentication, app install charges, and any required sign-up steps. Adhering to these standards guarantees that merchants receive clear guidance and support as they familiarize themselves with your app.
1. Authentication
- When a merchant clicks Add App from your app's listing page, your app must immediately authenticate using OAuth before any other actions, even if the merchant has previously installed and uninstalled your app.
- A merchant must be able to authenticate for using your app on multiple stores, even if they share the same email address.
2. Permissions
Permissions define the levels of access your app has to a merchant's store through the API. The permissions that you request are shown to the merchant on the OAuth handshake page, where the merchant can either grant or decline them.
- Merchants must be redirected to your app’s user interface (UI) immediately after they accept permission access on the OAuth handshake page.
- Your app should request only the permissions that are essential for its functionality.
- API permissions for your app should only be revoked using the delete button provided on the app setup page..
3. Setup and Merchant Workflows
-
Your app must provide clear in-app setup instructions tailored specifically for Shoplazza merchants, even if your app also connects to other platforms. These instructions should guide merchants on how to use your app effectively.
-
Your app must never ask merchants generate or provide a private API key. The Shoplazza App Store supports only public apps.
-
Any connection that your app makes from its UI to either link to another shop or install other apps must be routed through the Shoplazza App Store listing first.
-
For merchant security, your app must not use pop-up windows for essential app functionality, like running OAuth. Eliminating pop-ups also protects your app from interference caused by pop-up blockers.