Shopify App Store vs Custom App - Which Install Path is Right?

Comparison of the two ERPClaw Shopify install paths: Shopify App Store OAuth (recommended) vs Custom App with shpat_ token (power-user). Tradeoffs, security, automation.

ERPClaw supports two ways to connect a Shopify store. Both lead to the same outcome: orders, refunds, payouts, and disputes flowing into your ERPClaw GL. The difference is plumbing.

TL;DR

| | App Store OAuth | Custom App |
|---|---|---|
| Setup | 2 clicks + 1 CLI command | Manual token creation in Partners dashboard |
| Token rotation | Handled automatically | You manage it |
| Worker dependency | Yes (shopify.erpclaw.ai) | No (skips Worker entirely) |
| Background daemon | Yes (status push every 15 min) | No |
| Status mirror in Shopify Admin | Yes | No |
| Admin UI commands (Sync now, Disconnect) | Yes | No |
| Best for | Most merchants | Air-gapped installs, power users, paranoid security teams |

For 95% of merchants, App Store OAuth is the right choice. The remaining 5% who care about the difference already know who they are.

App Store OAuth is the path you take when you click Add app on the ERPClaw listing in the Shopify App Store.

Pros:

  • Two-click install from a familiar interface
  • OAuth token managed for you (no manual rotation)
  • Status mirror in Shopify Admin so you see sync health at a glance
  • Commands queued from Shopify Admin (Sync now, Disconnect) reach your ERPClaw within seconds (SSE) or 15 minutes (status push)
  • GDPR webhooks handled correctly
  • Automatic reinstall handling on uninstall + reinstall within 48h

Cons:

  • Requires our Worker to be reachable (shopify.erpclaw.ai). If our Worker is down, your existing sync still works (the OAuth token is on your machine), but new pairings and admin UI commands will fail.
  • Adds a hop (Worker -> your ERPClaw) for command delivery, but not for data sync.

See the install walkthrough for the full step-by-step.

Custom App (power-user)

This path skips the App Store and the Worker entirely. You create a Shopify Custom App in your Partners dashboard, grant the same scopes manually, and use the resulting shpat_ access token directly.

Pros:

  • Zero dependency on our Worker. ERPClaw talks straight to Shopify.
  • Works in air-gapped environments (no inbound calls from our infra)
  • You control the token rotation policy
  • Useful when our Worker is down for maintenance and you cannot wait
  • Clean fit for compliance environments where third-party intermediaries are forbidden

Cons:

  • More setup work (manual scope configuration, token generation)
  • No status mirror in Shopify Admin (the admin UI shows “Custom App install detected; status not available”)
  • No daemon. You manage when sync runs (cron, scheduled tasks, manual)
  • No remote command delivery. You run sync locally with erpclaw shopify-sync-orders
  • You handle the GDPR webhook receiving infrastructure yourself if you want to publish the app

Custom App setup

  1. In the Shopify Partners dashboard, create a new Custom App for your store (Apps -> Create app -> Custom).

  2. Configure the Admin API scopes: read_orders, read_products, read_customers, read_shopify_payments_accounts.

  3. Install the app to your store from within the dashboard.

  4. Copy the resulting shpat_xxxxxxxxxxxxxxxx access token.

  5. On your ERPClaw machine:

    erpclaw shopify-add-account \
      --company-id 1 \
      --shop-domain my-store.myshopify.com \
      --access-token shpat_xxxxxxxxxxxxxxxx

  6. Verify the connection:

    erpclaw shopify-test-connection

  7. Run the first sync:

    erpclaw shopify-start-full-sync

From this point, the workflow is identical to the OAuth flow except that nothing pings our Worker.
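
A least-privilege check to run once the connection test in step 6 passes, as an added example (not ERPClaw's own code): it compares the scopes Shopify reports for the token against the four read scopes from step 2. It assumes Shopify's Admin API `access_scopes.json` endpoint; the function names and the sample response are constructed for illustration.

```python
import json
import urllib.request

# The four Admin API scopes listed in step 2 of the setup above.
EXPECTED_SCOPES = {
    "read_orders",
    "read_products",
    "read_customers",
    "read_shopify_payments_accounts",
}


def parse_scopes(body):
    """Extract scope handles from an access_scopes.json response body."""
    doc = json.loads(body)
    return {entry["handle"] for entry in doc.get("access_scopes", [])}


def fetch_granted_scopes(shop_domain, access_token, timeout=10):
    """Ask Shopify which scopes the token actually carries (needs network)."""
    req = urllib.request.Request(
        f"https://{shop_domain}/admin/oauth/access_scopes.json",
        headers={"X-Shopify-Access-Token": access_token},
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return parse_scopes(resp.read())


def audit_scopes(granted, expected=EXPECTED_SCOPES):
    """Return (extra, missing). Extra scopes widen what a leaked token can
    do; missing scopes mean the token lacks access listed in step 2."""
    granted = set(granted)
    return sorted(granted - expected), sorted(expected - granted)


# Constructed sample response (not real output): a token that was
# over-granted write_orders and never given read_customers.
SAMPLE_BODY = json.dumps({"access_scopes": [
    {"handle": "read_orders"},
    {"handle": "write_orders"},
    {"handle": "read_products"},
    {"handle": "read_shopify_payments_accounts"},
]})

if __name__ == "__main__":
    extra, missing = audit_scopes(parse_scopes(SAMPLE_BODY))
    print("extra scopes to remove from the app:", extra)
    print("scopes missing from the app:", missing)
```

For a live check, pass the result of `fetch_granted_scopes("my-store.myshopify.com", token)` to `audit_scopes`, reading the token from a file or secret store rather than typing it on the command line.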

Mixing the two

You can run both flows on the same ERPClaw instance, even for the same shop. The shopify_account table treats them as distinct accounts identified by domain. We do not recommend mixing them for the same shop because you will end up with duplicate sync activity, but it is technically supported for testing.

Switching between them

If you start with one flow and want to switch:

OAuth -> Custom: disconnect via the Shopify Admin Disconnect button, uninstall the app from Shopify, then create a Custom App and add via shopify-add-account. Your local data stays intact.

Custom -> OAuth: install the app from the Shopify App Store, generate a pairing code, and run shopify-connect. The OAuth account will be created alongside the existing custom account. Delete the old custom account with shopify-delete-account once you confirm the OAuth flow is working.

When to choose which

Pick App Store OAuth if:

  • You are a Shopify merchant who wants accounting automation and doesn’t want to think about token management
  • You want to see sync health from inside Shopify Admin
  • You want push-button “Sync now” from Shopify Admin

Pick Custom App if:

  • You run an enterprise IT environment that does not permit third-party Worker dependencies
  • You operate the app in an air-gapped network
  • You want to script the entire sync lifecycle (cron, CI, custom orchestrator)
  • You are auditing the integration for security and want to verify it works without our infrastructure in the path

For everyone else: App Store OAuth.