Re-authorization

Due to different reason, including but not limited to releasing new features, it is anticipated that applications will need to request new app scope & request merchants to re-authorize in order to have the permission to use the corresponding new OA & Webhook.

Below using an example to illustrate what's an app suggest to do under this scenario. However, please kindly aware that this is for reference only.

Example

Background

In light of new feature releases, the app team needs merchants to provide new app scope permission. If it's not authorized by merchant, app won't be allow to retrieve or receive the new data via specific OA or webhooks. How can App handle this situations especially post re-authorization?

Approach

1. Notify merchants about the impending scope change and its consequences through proactive and straightforward communication
   1. Highlight the necessity and benefits of re-authorization
   2. Recommending that apps notify merchants via their own channels and through SHOPLINE team using EC admin intercom (please discuss with your contact point)
2. Ensure backward compatible & proper error alert
   1. Ensure that your app maintains backward compatibility to handle data and functionality smoothly for merchants who haven't re-authorized yet
   2. Merchants should be able to use existing features without re-authorization
   3. Implement error notifications informing users of the need for authorization upon accessing certain sections or new features
3. Implement a "Fallback Mechanism"
   1. Implement a "Fallback Mechanism" for scenarios where webhooks have not been re-authorized, maintaining limited functionality until re-authorization is achieved.
   2. Clearly notify users on the UI that full functionality is contingent upon re-authorization.
   3. (Optional) Employ polling mechanisms to retrieve data unavailable during the pre-authorization phase. Synchronize any missing data once re-authorization is completed.