App Loading Flow

Step 1: The frontend sends a request to the load endpoint(api/v1/apps/load-app/app_id).

Step 2: The backend checks the installed app and its permissions. it creates a property named scopes and encrypts it with the MD5 algorithm. It creates a URL with a new parameter and redirects the client to the app's installation page. The parameters are shop ID, scopes, and HMAC.

Step 3: The app checks the scopes with its scope and runs OAuth flow if needed.

Step 4: If the scope is changed, the app runs the OAuth flow again. The backend redirects the client to the consent page and so on.

Step 5: If the scope isn't changed, the app calls the Load API(api/v1/apps/load/app_id) with its credentials: client ID, client secret, and shop ID.

Step 6: The backend checks the requests and redirects the client to the app page(https://admin.sesami.co/apps/app_id). On this page, the frontend should send a request to the backend to get the app information and load it.