This page will outline everything you need to know and the steps you need to follow in order to start using the Shopify Ruby API gem in your app.
- A working knowledge of ruby and a web framework such as Rails or Sinatra
- A custom app already set up in your test store or partner account
- We recommend
ngrokto tunnel traffic to your localhost for testing
Add the following to your Gemfile:
gem "shopify_api"
Start by initializing the ShopifyAPI::Context with the parameters of your app by calling ShopifyAPI::Context.setup (example below) when your app starts (e.g application.rb in a Rails app).
ShopifyAPI::Context.setup(
api_key: "<api-key>",
api_secret_key: "<api-secret-key>",
host_name: "<application-host-name>",
scope: "read_orders,read_products,etc",
is_embedded: true, # Set to true if you are building an embedded app
is_private: false, # Set to true if you are building a private app
api_version: "2021-01" # The version of the API you would like to use
)Next, unless you are making a private app, you need to go through OAuth as described here to create sessions for shops using your app. The Shopify API gem tries to make this easy by providing functions to begin and complete the OAuth process. See the Oauth doc for instructions on how to use these.
Sessions are required to make requests with the REST or GraphQL clients. This Library provides helpers for creating sessions via OAuth. Helpers are provided to retrieve session ID from a HTTP request from an embedded Shopify app or cookies from non-embedded apps.
Session persistence is handled by the ShopifyApp gem and is recommended for use in the Rails context. See that gem for documentation on how to use it.
Cookie based authentication is not supported for embedded apps due to browsers dropping support for third party cookies due to security concerns. Non-embedded apps are able to use cookies for session storage/retrieval.
For non-embedded apps, you can pass the cookies into ShopifyAPI::Utils::SessionUtils.current_session_id(nil, cookies, true) for online (user) sessions or ShopifyAPI::Utils::SessionUtils.current_session_id(nil, cookies, false) for offline (store) sessions.
For embedded apps, you can pass the auth header into ShopifyAPI::Utils::SessionUtils.current_session_id(auth_header, nil, true) for online (user) sessions or ShopifyAPI::Utils::SessionUtils.current_session_id(auth_header, nil, false) for offline (store) sessions. This function needs an auth_header which is the HTTP_AUTHORIZATION header.
If your app uses client side rendering instead of server side rendering, you will need to use App Bridge's authenticatedFetch to make authenticated API requests from the client.
You can now start making authenticated Shopify API calls using the Admin REST or GraphQL Clients or the Storefront GraphQL Client.
If you intend to use webhooks in your application follow the steps in the Webhooks doc for instructions on registering and handling webhooks.