Connecting Your Shopify Store
Complete integration guide to connect your Shopify store with Artomate
Connect your Shopify store to Artomate using Shopify's secure OAuth 2.0 authentication system. This allows Artomate to manage your store listings and products seamlessly.
Step 1: Navigate to Connected Apps
Go to your Artomate dashboard and navigate to the Connected Apps section in your settings. This is where you'll manage all your store integrations.
Step 2: Initiate Shopify Connection
Click the "Connect Shopify Store" button. You'll need to provide your Shopify store domain (e.g., yourstore.myshopify.com). Make sure you're signed in to Artomate, as authentication is required to initiate the OAuth flow.
Step 3: Authorize on Shopify
You'll be redirected to Shopify's secure authorization page. Sign in with your Shopify admin account credentials if prompted. Review the permissions that Artomate is requesting and click "Install app" or "Authorize" to proceed.
Step 4: Complete Connection
After authorization, Shopify will redirect you back to Artomate. The system will automatically exchange the authorization code for an access token and store your connection securely. You'll be redirected back to the Connected Apps page where you'll see your Shopify store listed as connected.
Security & Privacy
Your data security is our top priority. The Shopify integration uses industry-standard security practices:
- Cryptographically Secure State: Each OAuth flow uses a unique, randomly generated state token to prevent CSRF attacks
- HMAC Verification: All Shopify callbacks are verified using HMAC signatures to ensure they originate from Shopify
- No Password Storage: We never see or store your Shopify password - authentication happens entirely through Shopify's OAuth system
- Token Security: Access tokens are stored securely and encrypted in our database
- Revocable Access: You can disconnect your Shopify store at any time from the Connected Apps page, which immediately revokes access
- Encrypted Communication: All communication uses industry-standard SSL/TLS encryption
What Permissions Are Required?
Artomate requests specific permissions (scopes) from Shopify based on what's configured in your environment. These typically include:
- Product Management: Create, update, and manage products and variants
- Inventory Management: Access inventory levels and update stock
- Order Access: Read order information to support fulfillment workflows
- Shop Information: Read basic shop details and settings
The exact scopes requested are configured by your Artomate administrator and follow the principle of least privilege - we only request what's necessary for the integration to function.
Common Issues & Solutions
Invalid shop domain
Make sure your shop domain ends with .myshopify.com. The domain should be in the format yourstore.myshopify.com, not your custom domain.
State expired or invalid
The OAuth state token expires after 15 minutes for security reasons. If you see this error, simply restart the connection process. Make sure to complete the authorization flow promptly after initiating it.
HMAC verification failed
This indicates that the callback from Shopify couldn't be verified. This is a security measure. If you encounter this, try disconnecting and reconnecting your store. If the issue persists, contact support.
Token exchange failed
If the authorization code exchange fails, it may be due to temporary Shopify API issues or configuration problems. Try again after a few minutes, or contact support if the issue persists.
Already connected but showing as disconnected
Your OAuth token may have expired or been revoked. Simply reconnect using the same process. The system will update your existing connection automatically.