Shopify Webhooks & Events

What it does

This skill provides clear, runnable patterns for registering Shopify webhook subscriptions (via GraphQL), verifying incoming webhook HMACs, and implementing mandatory GDPR webhook handlers required for App Store submission. It includes example code to register common topics (orders, products, customers), immediate 200 responses with asynchronous processing, and guidance on idempotency and error handling.

When to use it

Use this skill when building or hardening a Shopify app that needs reliable webhook handling: setting up subscription registration, implementing secure HMAC verification, responding to GDPR data requests/redactions, and processing order/product events asynchronously. It is especially relevant when preparing an app for Shopify App Store review (GDPR hooks are mandatory).

What's included

• Scripts: code snippets showing GraphQL webhook registration and Express.js handlers for HMAC verification and async processing.
• References: links to Shopify webhook docs and GDPR webhook requirements.
• Instructions: step-by-step guidance to register topics, configure mandatory shopify.app.toml GDPR subscriptions, implement three GDPR endpoints (data_request, customers/redact, shop/redact), and best practices for responding within 5s and idempotency.

Compatible agents

Best suited for Claude Code / Node.js-focused agents and developer tooling that run or generate backend code (Claude Code, Copilot-style assistants).