Shopify · 2022 · In development
StoreBridge
Multi-tenant Shopify SaaS built to pass a cross-tenant security audit.
Tech stack
Next.js · Prisma · PostgreSQL · Shopify OAuth · Railway
The problem
Multi-tenancy in a Shopify app is easy to get subtly wrong. One app serves many stores with a single app secret and, usually, a single database, so one forgotten shop-scoped filter in application code, or one webhook endpoint that trusts an unverified POST, becomes a cross-tenant leak. Most tutorials stop at the OAuth handshake and do not cover runtime isolation or HMAC webhook verification in depth, which is why this class of bug keeps recurring in marketplace apps.
Goals
- Real tenant isolation via Postgres RLS
- HMAC-verified webhooks for every Shopify event
- Clean OAuth install and scope upgrade flows
- Railway deploy with CI
The solution
- OAuth install flow that records the granted scopes per shop, so the app can tell when a later feature needs a scope upgrade
- HMAC verification of every Shopify webhook delivery, applied once at the framework layer rather than repeated per route
- Inventory sync worker
- Postgres RLS enforced at the database role level: the app's runtime connection uses a role that is subject to the policies, not the owner or superuser role that can bypass them
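As an added illustration of the RLS and role-level enforcement items above (example code written for this page, not StoreBridge's own), the hand-written migration SQL that Prisma needs for RLS and the per-request helper that pins the tenant inside one transaction. The table `"InventoryItem"`, column `"shopDomain"`, role `storebridge_app` and setting name `app.shop_domain` are assumed names; `RecordingDb` is an in-memory stand-in for the Prisma client so the call sequence can be checked offline.

```typescript
// Added example, not StoreBridge's code. Table, column, role and setting
// names below are hypothetical.

// Prisma's schema language cannot express RLS, so this SQL is hand-written into
// prisma/migrations/<timestamp>/migration.sql and run by the migration (owner)
// role. The runtime DATABASE_URL must use the restricted role created here.
const RLS_MIGRATION = `
ALTER TABLE "InventoryItem" ENABLE ROW LEVEL SECURITY;
-- FORCE applies the policy to the table owner too; without it, any connection
-- as the owning role silently bypasses every policy.
ALTER TABLE "InventoryItem" FORCE ROW LEVEL SECURITY;
-- current_setting(..., true) returns NULL when the setting is absent, so a
-- request that never set the tenant sees and writes nothing (fail closed).
CREATE POLICY tenant_isolation ON "InventoryItem"
  USING ("shopDomain" = current_setting('app.shop_domain', true))
  WITH CHECK ("shopDomain" = current_setting('app.shop_domain', true));
-- Runtime role: not a superuser and not the owner, so RLS actually applies.
CREATE ROLE storebridge_app LOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON "InventoryItem" TO storebridge_app;
`;

// The slice of Prisma's client surface the helper needs: an interactive
// transaction callback and $executeRawUnsafe with bound parameters.
interface TenantTx {
  $executeRawUnsafe(sql: string, ...params: unknown[]): Promise<number>;
}
interface TenantDb {
  $transaction<T>(fn: (tx: TenantTx) => Promise<T>): Promise<T>;
}

const SHOP_DOMAIN = /^[a-z0-9][a-z0-9-]*\.myshopify\.com$/;

/** Reject anything that is not a Shopify shop domain before it reaches SQL. */
function assertShopDomain(shop: string): string {
  if (!SHOP_DOMAIN.test(shop)) throw new Error(`invalid shop domain: ${shop}`);
  return shop;
}

/**
 * Run `fn` with the tenant pinned for exactly one transaction.
 * set_config(..., true) is transaction-local, which matters with a pooled
 * client: the setting must never outlive the request on a reused connection.
 */
async function withTenant<T>(
  db: TenantDb,
  shop: string,
  fn: (tx: TenantTx) => Promise<T>,
): Promise<T> {
  const tenant = assertShopDomain(shop);
  return db.$transaction(async (tx) => {
    // Bound parameter, never string interpolation, even though the value is validated.
    await tx.$executeRawUnsafe("SELECT set_config('app.shop_domain', $1, true)", tenant);
    return fn(tx);
  });
}

/** In-memory stand-in for the Prisma client that records the call order. */
class RecordingDb implements TenantDb, TenantTx {
  calls: { sql: string; params: unknown[] }[] = [];
  async $executeRawUnsafe(sql: string, ...params: unknown[]): Promise<number> {
    this.calls.push({ sql, params });
    return 0;
  }
  async $transaction<T>(fn: (tx: TenantTx) => Promise<T>): Promise<T> {
    this.calls.push({ sql: "BEGIN", params: [] });
    try {
      const out = await fn(this);
      this.calls.push({ sql: "COMMIT", params: [] });
      return out;
    } catch (e) {
      this.calls.push({ sql: "ROLLBACK", params: [] });
      throw e;
    }
  }
}
```

Two details carry the isolation: `FORCE ROW LEVEL SECURITY`, because the table owner otherwise bypasses policies, and `set_config(..., true)`, which scopes the tenant to the transaction so a pooled connection cannot carry the previous request's shop into the next one.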
My role
- Architecture and Shopify OAuth integration
- HMAC webhook verification (Shopify signs each delivery with the app secret; the app verifies it on receipt)
- Postgres RLS setup and migration design
- Railway deploy pipelines
UI direction
Shopify Polaris-native UI so the app feels embedded, not bolted on.
User flows
Install flow
1. Merchant clicks install on the Shopify app listing
2. OAuth redirect to the shop's authorize URL with the requested scopes and a one-time state nonce
3. Callback is verified (shop domain, state, HMAC), then the app exchanges the code, records the granted scopes and provisions the tenant row
4. App registers webhook subscriptions for its endpoints; every later delivery arrives signed with the app secret
Key learnings
- Postgres RLS is the right default for Shopify apps, not application-layer scoping: a missed shop filter in one query is a leak, while a policy applies to every query the runtime role can run
- HMAC webhook verification should be a framework-level concern, not per-route, so no endpoint can be added without it
- Scope upgrade flows (re-running OAuth when the app needs permissions it was not originally granted) are where real-world Shopify apps most often get stuck
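The second learning above, together with the "HMAC-verified webhooks" item in the solution, as added example code (not from the project): a single `webhookRoute` wrapper performs the check, so individual routes cannot omit it and handlers only ever see authenticated events. The secret and the request/response types are placeholders; `signedDelivery` constructs a sample delivery signed the way Shopify signs one, so the block runs offline.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Added example, not StoreBridge's code. Placeholder secret; the real value is
// the app's client secret from the Partner Dashboard, read from the environment.
const APP_SECRET = "example-app-secret-do-not-use";

/**
 * Shopify signs every webhook delivery: HMAC-SHA256 over the raw request body,
 * keyed with the app's client secret, base64 in X-Shopify-Hmac-Sha256.
 * Verify over the raw bytes exactly as received; parsing and re-serializing
 * the JSON first changes the bytes and breaks the digest.
 */
function verifyWebhookSignature(rawBody: Buffer, header: string | undefined, secret: string): boolean {
  if (!header) return false;
  const expected = createHmac("sha256", secret).update(rawBody).digest();
  const received = Buffer.from(header, "base64");
  return received.length === expected.length && timingSafeEqual(received, expected);
}

// Framework-neutral shapes so the example runs without Next.js. In a Next.js
// route handler the raw body is Buffer.from(await request.arrayBuffer()).
type WebhookRequest = { headers: Record<string, string | undefined>; rawBody: Buffer };
type WebhookResponse = { status: number; body: string };
type WebhookEvent = { topic: string; shop: string; webhookId: string; payload: unknown };
type WebhookHandler = (event: WebhookEvent) => void;

/**
 * The one verification gate every webhook route is wrapped in. Routes are
 * declared as webhookRoute(handler), so there is no path to a handler that
 * skips the signature check.
 */
function webhookRoute(handler: WebhookHandler, secret: string = APP_SECRET) {
  return (req: WebhookRequest): WebhookResponse => {
    const h = (name: string) => req.headers[name.toLowerCase()];
    if (!verifyWebhookSignature(req.rawBody, h("X-Shopify-Hmac-Sha256"), secret)) {
      // Reject before touching the body: an unsigned POST is not evidence of anything.
      return { status: 401, body: "invalid signature" };
    }
    const topic = h("X-Shopify-Topic");
    const shop = h("X-Shopify-Shop-Domain");
    const webhookId = h("X-Shopify-Webhook-Id"); // use for idempotent processing of redeliveries
    if (!topic || !shop || !webhookId) return { status: 400, body: "missing Shopify headers" };
    let payload: unknown;
    try {
      payload = JSON.parse(req.rawBody.toString("utf8"));
    } catch {
      return { status: 400, body: "body is not JSON" };
    }
    handler({ topic, shop, webhookId, payload });
    return { status: 200, body: "ok" };
  };
}

/** Constructed sample: a delivery signed the way Shopify signs one. */
function signedDelivery(topic: string, shop: string, payload: unknown, secret: string): WebhookRequest {
  const rawBody = Buffer.from(JSON.stringify(payload));
  return {
    rawBody,
    headers: {
      "x-shopify-topic": topic,
      "x-shopify-shop-domain": shop,
      "x-shopify-webhook-id": "00000000-0000-4000-8000-000000000001",
      "x-shopify-hmac-sha256": createHmac("sha256", secret).update(rawBody).digest("base64"),
    },
  };
}
```

The shop that the event belongs to is taken from the Shopify-supplied `X-Shopify-Shop-Domain` header of a delivery that passed verification, which is also the value the handler should hand to the tenant-scoping layer.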
Want something like StoreBridge?
I'm open to senior contract work. Let's talk about what you're building.
Get in touch