Prerequisites
- An OrderProtection account — every account can build apps (an account owner can build private apps for their own stores; third-party developers build public apps)
- A server that can receive HTTPS callbacks (for redirect URIs) — OrderProtection delivers the authorization code there at install time
Create your app
Navigate to Developer Apps
In the OrderProtection dashboard, click Developer in the left sidebar. This opens the Developer Apps page where you can manage all your applications.
Click Create New App
Click the Create New App button in the top-right corner. A modal will open with the app configuration form.
Choose visibility
Select the visibility for your app:
- Public — Your app will be listed in the marketplace after review and approval. Any OrderProtection merchant can discover and install it.
- Private — Your app is only available to your own account’s stores and is never listed in the marketplace. It goes live via Publish (see Private apps below) — no admin review unless it requests admin-gated scopes.
Fill in app information
Provide the following details:
| Field | Required | Description |
|---|---|---|
| Name | Yes | The display name for your app |
| Description | No | What your app does — shown to merchants during install |
| Website URL | No | Your app’s marketing or documentation site |
| Privacy Policy URL | No | Link to your privacy policy |
| App Logo | No | A square image representing your app |
| Category | No | Helps merchants discover your app (Analytics, Marketing, Shipping, etc.) |
Add redirect URIs
Add at least one redirect URI. This is the URL where OrderProtection will deliver authorization codes when merchants install your app.
Configure webhooks (optional)
If your app needs to react to real-time events, provide a webhook URL and select the event topics you want to subscribe to. See the Webhooks guide for details.
Configure embedding (optional)
If you want your app’s UI to appear inside the merchant dashboard:
- Enable the Embedded Mode toggle
- Enter your App URL — the page that will be loaded in an iframe
Select scopes
Choose the permissions your app requires. For each scope, you can mark it as:
- Required — The merchant must grant this permission to install your app
- Optional — The merchant can opt out of this permission during installation
App status lifecycle
Public apps go through a review process before they are listed in the marketplace:| Status | Description |
|---|---|
| Draft | Initial state. Your app is not visible to merchants. |
| In Review | You have submitted your app for review. The OrderProtection team will evaluate it. |
| Approved | Your app is approved and listed in the marketplace. Merchants can install it. |
| Rejected | Your app did not pass review. You will receive feedback and can resubmit. |
| Suspended | A previously approved app that has been suspended by an admin. |
Private apps
Private apps are for your own account’s stores and never appear in the public marketplace. They’re ideal for internal integrations or tools you build for the stores you operate — no separate developer account required. Instead of “Submit for Review,” a private app goes live via Publish (on the app’s Submission tab):- No admin-gated scopes → Publish takes the app straight to Approved, with no reviewer involved.
- Requests admin-gated scopes (e.g., pricing settings) → Publish routes the app to admin review first — the same gate a public app hits, because it’s the same sensitive data. The restricted scopes stay inert until an OrderProtection admin approves it.
Private apps can request admin-gated scopes — they just route through admin review on publish instead of self-publishing. Only the public marketplace listing is off the table.
Managing your app
After creation, you can manage your app from the app detail page:- Overview — View credentials, redirect URIs, webhooks, and scopes
- Edit — Update app information, redirect URIs, webhooks, embedding, and scopes
- Installations — See which merchants have installed your app
- Submission — Submit for review or check review status

