Open prajaybasu opened 1 month ago
How does this X-Shopify-Retry-Invalid-Session-Request
header work?
Other undocumented fun includes the shopify-reload
query parameter and the X-Shopify-Bounce
header.
@darrynten Sorry for the late response, based on what I can see, it simply asks App Bridge v4 to resend the fetch request with a new Session Token (invisible to the consumer, the promise just returns as normal once the internal retry succeeds). And yes, I've seen those other 2 undocumented features as well.
Describe the bug
For those of us that decided to implement App Bridge v4 and token exchange without Remix, the behavior of
X-Shopify-Retry-Invalid-Session-Request
in App Bridge does not seem to be included in the documentation anywhere.The older
X-Shopify-API-Request-Failure-Reauthorize-Url
is also not really documented either, however it was part of both the frontend and backend templates in multiple languages and not a part of the library.The same is not the case for
X-Shopify-Retry-Invalid-Session-Request
which has now become a part of the closed source App Bridge v4 library (along withX-Shopify-API-Request-Failure-Reauthorize-Url
), which is why I believe it's quite important that the App Bridge library documents how it deals with 401s.I used the following documentation when implementing my frontend and backend:
https://shopify.dev/docs/api/app-bridge-library/apis/resource-fetching https://shopify.dev/docs/apps/build/authentication-authorization/set-embedded-app-authorization?extension=javascript https://shopify.dev/docs/apps/build/authentication-authorization/access-tokens/token-exchange