Open patryk-smc opened 3 weeks ago
@patryk-smc OK I did some digging. Turns out, we do have a utility for this:
const {auth} = useApi(TARGET);
const token = await auth.sessionToken.get();
I'm working on adding this to types and documentation now 👍
Oh well, I did not expect that! Sweet thank you!
Hey, I have been working on Admin UI extensions for the last couple of days and found some inconsistencies with other parts of Shopify which I found a bit frustrating.
Documentation says:
Source: https://shopify.dev/docs/api/admin-extensions/2024-07#app-authentication
This means, that I can only send authenticated requests to my app domain or its subdomains.
The main problem here: If my app domain is app.myapp.com, I cannot make requests to api.myapp.com because this is not a subdomain of app.myapp.com
How this is solved in other parts of Shopify
Checkout UI Extensions and Customer UI Extensions
give us useSessionToken() hook which returns a token that can be used anywhere in the app, without any domain restrictions.
Source:
App Bridge Library
automatically injects an Authorization header to all requests made to the app URL, similar to Admin UI extensions, however:
I wanted to suggest either adopting an approach from other UI Extensions or the App Bridge Library. Thank you!