Shopify App Development Certification

Making a GET request to the /admin/webhooks.json endpoint will retrieve webhook subscriptions for the shop that have been created through the: -Shop Admin -API -Both

-API ? https://shopify.dev/api/admin/rest/reference/events/webhook

The Shopify SDK for Unity empowers game developers to do what? -Build a better store experience for digital downloads and in-game purchases using Shopify -Incorporate the sale of physical merchandise into a game -Provide a payment gateway for game subscriptions and season passes -All of the above

-All of the above ? https://shopify.dev/custom-storefronts/tools/unity-buy#3-access-the-unity-buy-sdk

To help with migrating from our REST to the GraphQL Admin API, REST responses now include the admin_graphql_api_id field. What value does this field hold? -A link to the corresponding GraphQL Object documentation -An ID that can be used to query the GraphQL object directly -The GraphQL query json for the Object you are querying using REST

-An ID that can be used to query the GraphQL object directly ? https://shopify.dev/api/admin/getting-started#authentication

The following app extension is used to embed an application's frontend within the context of a Shopify store's online storefront. -Embedded App SDK -App Bridge -Application Proxy -Storefront API

-App Bridge https://shopify.dev/apps/tools/app-bridge

Fifty-six percent of users decide against using apps that require user registration. What can you do to create a better registration experience for your users? -Prepopulate the user registration form using the `shop` object -Automatically create an account using the user info from an OAuth handshake -Both of the above options can help improve the registration experience for users

-Automatically create an account using the user info from an OAuth handshake ? https://www.shopify.com/partners/blog/improving-your-shopify-apps-onboarding-flow

When making a request to a shop, your app is getting a '403 Forbidden' response. What is the best way to troubleshoot the problem? -Have the merchant re-install your app -Attempt the request again -Check that your app has been granted the correct scopes -Contact Shopify's support team

-Check that your app has been granted the correct scopes ?

Failing to restrict the types or sizes of filters on image upload fields presents a significant security risk of what type of attacks? -Cross Site Scripting attacks -Client-State Manipulation -SQL Injection -All of the above

-Client-State Manipulation ?

What is the best practice method to display a form in a modal using the Shopify App Bridge? -Create an app page with the form and then use an iframe modal with the path/url set to the page -Create a Polaris modal with the HTML form within the and tags

-Create an app page with the form and then use an iframe modal with the path/url set to the page ? https://shopify.dev/apps/tools/app-bridge/actions/modal#setup https://polaris.shopify.com/components/overlays/modal

In addition to customers/data_request, which requests to view stored customer data, what two mandatory webhooks need to be added to every public app? -app/uninstall and customer/redact -Customers/redact and shop/redact -Shop/update and shop/redact

-Customers/redact and shop/redact https://shopify.dev/apps/webhooks/mandatory

Which testing method(s) should ideally be covered by automated test cases? Select all that apply. -Functional testing -Regression testing -Sanity testing -Usability testing

-Functional testing -Regression testing

When a merchant installs your app and enters your OAuth flow, what is the correct sequence of events your app must follow? -Redirect the user to my app's website to sign up for an account -> Get authorization from the user by redirecting them to Shopify's grant screen -> Perform security checks on the provided nonce and HMAC -> Make a POST request to acquire an access token. -Get authorization from the user by redirecting them to Shopify's grant screen -> Perform security checks on the provided nonce and HMAC -> Make a POST request to acquire an access token. -Redirect the user to my app's website to sign up for an account -> Get authorization from the user by redirecting them to Shopify's grant screen -> Make a POST request to acquire an access token.

-Get authorization from the user by redirecting them to Shopify's grant screen -> Perform security checks on the provided nonce and HMAC -> Make a POST request to acquire an access token. ? https://shopify.dev/apps/auth/oauth

Your app is meant for use by individual store users and must respect the permission levels of each user. In order to improve the onboarding experience, you want to create a user profile on installation. Which value, returned from the OAuth handshake, is the most reliable value to use for the user identification? -Email -ID -screen_name -All of the above can be used as unique ID

-ID ?

Your app keeps hitting the call limit. How can you verify how many calls you have left in your bucket after a specific request? -Look for the X-Shopify-API-Call-Limit header returned in your API call responses. -Count how many API calls it takes to receive a 429 response code. This tells you what your call limit is, and allows you to calculate how many calls you have left. -Contact Shopify support to find out how many API calls you have left and adjust your app's limit.

-Look for the X-Shopify-API-Call-Limit header returned in your API call responses. https://shopify.dev/api/usage/rate-limits

When building stand-alone apps, it's important to (Select all that apply): -Make your app visually distinct -Use your own logo -Provide top-level navigation which returns the merchant to their Shopify Admin

-Make your app visually distinct -Use your own logo -Provide top-level navigation which returns the merchant to their Shopify Admin https://polaris.shopify.com/foundations/designing-apps

Which of the following scenarios are not possible to implement using the Shopify Billing API? -Offering varying free trial periods depending on the country a merchant is based in -Charging different merchants with the same usage, varying usage charges for using your app -Offering merchants refunds for their past 12 months of charges -Charging merchants on an annual cycle as opposed to a 30-day cycle

-Offering varying free trial periods depending on the country a merchant is based in ? https://shopify.dev/apps/billing/models

In order to test your app effectively you need to test multiple user flows. You have already tested how your app installs on one of your development stores. Which of the following options qualify as different user flow you could test? Select all that apply. -Performing a fresh installation of your app on another store -Uninstalling your app on the same store -Reinstalling the uninstalled app immediately after uninstall

-Performing a fresh installation of your app on another store ? -Uninstalling your app on the same store ? https://www.shopify.in/partners/blog/user-test-app

Shopify's Sales Channel SDK enables the creation of sales channel apps that allow merchants to sell products on marketplaces outside of their online stores. Which Admin API resources does the sales channel SDK depend on? -ProductListing, CollectionListing, and Checkout -Product, Collection, and Checkout -ProductListing, Collection, and Payment -Product, CollectionListing, and Payment

-ProductListing, CollectionListing, and Checkout ? https://shopify.dev/api/admin/rest/reference/sales-channels

Where are notices about Shopify's API field deprecations posted? Select all that apply. -Shopify's API Announcement forum -Shopify's API Changelog -The GraphQL API reference documentation

-Shopify's API Announcement forum -Shopify's API Changelog ? https://shopify.dev/api/usage/versioning#deprecation-practices

You need to test a GraphQL mutation that you are planning to use in your app. Which of the following tools is best suited to this type of testing? Select all that apply -Shopify's GraphQL Explorer -GraphiQL -Postman

-Shopify's GraphQL Explorer -GraphiQL -Postman ?

To create a new checkout, you can send a POST request to the admin/checkouts.json endpoint. If you sent the following JSON string to the endpoint, what would be returned? { "checkout": { "line_items": [ { "variant_id": 26756068422, "quantity": 1 } ] } } -An error would be returned, as the checkout object is missing parameters necessary to process the customer's payment -The checkout object, including a web_url parameter which can be used to redirect a customer to this URL for Shopify's web checkout experience -The checkout object, including a `checkout_id` parameter which identifies the customer's transaction

-The checkout object, including a web_url parameter which can be used to redirect a customer to this URL for Shopify's web checkout experience https://shopify.dev/api/admin/rest/reference/sales-channels/checkout

The locale variable, returned within an OAuth request using online access mode, indicates which of the following? -The geographical location of the user -The language the user has chosen as their preferred language in the Shopify Admin -The primary language of the region the user is from

-The language the user has chosen as their preferred language in the Shopify Admin

Whose responsibility is it to ensure General Data Protection Regulation (GDPR) compliance for the data being stored by an app? Shopify -The merchant using the app -The server storing personally identifiable information (PII) -The app developer -All of the above

-The merchant using the app https://help.shopify.com/en/manual/your-account/privacy/GDPR#:~:text=While%20Shopify%20does%20what%20it,responsibility%20of%20each%20individual%20merchant.

App extensions are registered: -Through the Shopify Admin -Through Shopify's API -Both

-Through the Shopify Admin ? https://shopify.dev/apps/app-extensions/extension-points#online-store

When you are building an embedded app for Shopify, it should be visually distinct from the Shopify Admin. Which of the following ways is not a way to differentiate your app from the Shopify Admin? -Use a top bar color with a color difference greater than 100 (calculated using the Euclidean distance) from the Shopify Admin top bar -Use Polaris to style your app's structure within the admin, but style components and elements within your app for a different look and feel -Use your own logo -Provide top-level navigation which returns the merchant to their Shopify Admin -None of the above—all the above options are great ways to visually differentiate your app

-Use Polaris to style your app's structure within the admin, but style components and elements within your app for a different look and feel https://polaris.shopify.com/foundations/designing-apps#section-make-your-stand-alone-app-visually-distinct

A Shopify Plus merchant wants to apply discounts to shipping and the total price of the order, depending on if the transaction belongs to a repeat customer. What would be the most efficient way to accomplish this task? -Develop a private app that uses the Checkout, Customer, and Order APIs to check the customer's order history and apply discounts -Use the Shopify Scripts Editor app to write these discounts using Shopify's Ruby API -Use Shopify's Discounts API to create the discount logic in an app and tell the merchant to apply the code where necessary

-Use the Shopify Scripts Editor app to write these discounts using Shopify's Ruby API ? https://help.shopify.com/en/manual/checkout-settings/script-editor

The Polaris Banner component is available on (Select all that apply): -Web -Android -iOS

-Web -Android -iOS https://polaris.shopify.com/components/feedback-indicators/banner

The Polaris React components come with many accessibility features including the use of ____________ for icons, complex images, and actions (like buttons and links), to help people with low or loss of vision use the interface. -title -tabindex -alternative (alt) text -aria-level

-alternative (alt) text ? https://polaris.shopify.com/foundations/accessibility

What is the complexity cost of the following query? { customers (first:3) { edges { node { id email orders (first:3) { edges { node { id } } } } } } }

25

The following response status code indicates that an app has exceeded Shopify's API call limit. 420 422 429 500

429 https://shopify.dev/api/usage/rate-limits#rest-admin-api-rate-limits

What Polaris React component would you use to add a title and breadcrumb to your app? -<Heading> -<Tabs> -<Page> -<Link>

<Page> ? https://polaris.shopify.com/components/structure/page

Which Polaris component can be used only in an embedded app? <ResourceList> <DataTable> <Popover> <ResourcePicker>

<ResourcePicker> ?

What Polaris React component would be used to build three columns of equal width? <Page> <Layout> <Card>

<layout> https://polaris.shopify.com/components/structure/layout

Your hosting center and app were taken offline for more than 48 hours. Shopify has cancelled your webhooks because you weren't responding for an extended period of time. How do you get your webhook subscriptions back? -Generate a new shared secret key and update any webhook requests -Add a check that fetches all the existing webhooks and only registers the missing ones -Re-register all missing webhooks and overwrite existing ones to ensure nothing has been compromised

Add a check that fetches all the existing webhooks and only registers the missing ones https://shopify.engineering/17488672-webhook-best-practices

Which of the following is true about the text you add to your admin links? The text should be action oriented The text should include your app's name so the user knows what is supplying the functionality The text should be in title case All of the above

All of the above

Your hosting center and app were taken offline for more than 48 hours. There are a large number of unprocessed requests that were sent to you during the downtime. What is best practice for fetching and processing that data? -Build a reconciliation job that fetches data from the time period you were down and feeds it into the webhook—processing code one object at a time -Create a temporary webhook and build a reconciliation job that fetches data from the time period you were down and feeds it into the new webhook—processing the code as a batch

Build a reconciliation job that fetches data from the time period you were down and feeds it into the webhook—processing code one object at a time https://shopify.engineering/17488672-webhook-best-practices

Your client is a Shopify Plus merchant who requires automated workflows with custom processing that they can control from their Shopify Admin. What is the most efficient way to build them this functionality? -By building an embedded app that gives them custom configuration options designed by your team to match the client's common use cases -By using the Scripts API for Shopify Plus to write a simple Ruby script that the client can edit if they need to implement any major changes -By developing an app extension that plugs into Shopify Flow that the merchant can use with any of Flow's functionality

By developing an app extension that plugs into Shopify Flow that the merchant can use with any of Flow's functionality ?

If your app deprecates a script tag, you will need to delete it for it to be removed from a merchant's store. Assuming the ID of the script tag is 596726825, how would you remove it?

DELETE /admin/api/2021-07/script_tags/596726825.json https://shopify.dev/api/admin/rest/reference/online-store/scripttag

Webhook subscriptions are sufficient for tracking the latest state of shop resources such as products, collections, and fulfillments.

False https://shopify.dev/api/admin/rest/reference/events/webhook

You must remove any script tags your app installs by calling the /admin/script_tags/#{script_tag_id}.json endpoint on uninstall.

False https://shopify.dev/api/admin/rest/reference/online-store/scripttag

Making a GET request to the /admin/fulfillment_services.json endpoint will return all fulfillment services installed on a shop.

False https://shopify.dev/api/admin/rest/reference/shipping-and-fulfillment/fulfillmentservice

The REST Admin and GraphQL Admin APIs share the same rate limit.

False https://shopify.dev/api/usage/rate-limits

By default, when an order is created through the API, an order confirmation is automatically sent to the customer.

False https://shopify.dev/api/admin/rest/reference/orders/order

Shopify uses the same Resource IDs in both GraphQL and REST.

False ?

The read_orders app scope enables applications to read all orders on a Shopify store.

False ? https://shopify.dev/api/admin/access-scopes

Which of the following would be most effective to implement when considering how to minimize your app's downtime for users? -Monitoring response times and errors for spikes -A form for users to report outages for the issues they are facing -CI and other automated deployment/testing strategies

Monitoring response times and errors for spikes ? https://www.shopify.com/partners/blog/18137743-don-t-get-caught-with-your-app-down-on-black-friday-cyber-monday

For each of your app's active installs, you have acquired an access token. Do you still need to authenticate requests to your app?

No ? https://shopify.dev/apps/auth/oauth#5-make-authenticated-requests

In order to initialize your embedded app using Polaris, you must use the <AppProvider></AppProvider> component. What is the following code missing in order to properly initialize your app? ReactDOM.render( <AppProvider> <ResourcePicker open="" products="" onSelection="{(resources)" ==""> console.log('Selected resources ', resources)} /></ResourcePicker> </AppProvider>, ); -Nothing. This code is enough to initialize a an app. -The shop parameter is missing from the `AppProvider` component. -The apiKey parameter is missing from the `AppProvider` component.

Nothing. This code is enough to initialize a an app. https://polaris.shopify.com/components/structure/app-provider

What type of API access should be used if you want an access token to expire after a user stops using your app? -Online access mode -Offline access mode -Hybrid access mode

Online access mode https://shopify.dev/apps/auth/access-modes

Starting from the QueryRoot order object, what series of connections, objects, and final field would a query need to request in order to determine the location ID where a line item is stocked? For this answer, we are ignoring parameters on connections and the edges/node syntax. discountApplications, lineItems, currencyCode, name, orderNumber, processedAt order, line_items, variant_id, inventory_level, location_id Order, lineItems, variant, inventoryItem, inventoryLevels, location, id order, product, productvariant, inventoryitem, inventorylevel, location, id

Order, lineItems, variant, inventoryItem, inventoryLevels, location, id ? https://shopify.dev/api/admin/graphql/reference/orders/lineitem

After contacting [email protected] to have your app removed from the app store, what is the best practice for making your app unavailable to merchants? -Remove the app from your servers but keep the app in the Partner Dashboard -Remove the app from your servers and delete the the app from your Partner Dashboard

Remove the app from your servers but keep the app in the Partner Dashboard ?

Documentation is an opportunity to educate your users. Which of the following is not a good method of encouraging learning in your documentation? -Clearly defining each step and defining tasks with granularity -Including greater context beyond the task itself, so users understand the purpose and outcome of each step -Repeating the same information through subsequent steps to reinforce key concepts -Gradually increasing the tutorial difficulty—making first tasks easier than later ones

Repeating the same information through subsequent steps to reinforce key concepts ? https://polaris.shopify.com/content/help-documentation

How does Shopify's GraphQL leaky bucket call limit differ from its REST counterpart?

The GraphQL call limit considers the cost of requests over time where the REST call limit considers the number of requests https://shopify.dev/api/usage/rate-limits

When it comes to your relationship with merchants, what is an "interaction total" and why would it be helpful for you to measure it? -The interaction total is the total number of support interactions you've had with your customers, and can be used to change your support strategy, offer support at peak times, or identify common support questions and frustrations. -An interaction total is the total amount of requests that your app has sent to Shopify's API on behalf of its users. This can help you detect the most commonly used functions and how you can optimize your app to surface those functions to merchants earlier.

The interaction total is the total number of support interactions you've had with your customers, and can be used to change your support strategy, offer support at peak times, or identify common support questions and frustrations. https://shopify.dev/apps/store/support#:~:text=The%20interaction%20total%20is%20the,you're%20getting%20from%20merchants

Shopify Apps are able to bill users on a recurring and usage-based basis simultaneously with the Billing API.

True https://shopify.dev/api/admin/rest/reference/billing/usagecharge

If a merchant uninstalls and reinstalls your app, the app should authenticate and request permissions again, following the same onboarding flow as a fresh installation.

True ?

To ensure a consistent user experience, you should ensure any illustrations you create for your app's user interface use Shopify's illustration style.

True ? https://polaris.shopify.com/design/illustrations#navigation

All GraphQL Admin API calls are made to a single, per-shop, endpoint.

True ? https://shopify.dev/api/admin/getting-started#graphql-admin-api

The access token generated during OAuth can be used with both the REST and GraphQL Admin APIs.

True ? https://shopify.dev/api/admin/getting-started#rest-admin-api

You are able to process payments and orders within your custom storefront app without redirecting the user to Shopify's payment gateway. True False

True ? https://shopify.dev/api/storefront

Shopify App Bridge's provided iframe modals can communicate and dispatch actions just like your main app. True False

True ? https://shopify.dev/apps/tools/app-bridge/actions/modal

Adding a loading screen with information or entertaining content can alleviate your users' impatience during long wait times and make them less likely to to uninstall your app. True False

True ? https://www.shopify.com/partners/blog/app-ui

A GraphQL query with a complexity score below 25 will likely be more efficient than a REST call to the same object. True False

True ? https://www.shopify.com/partners/blog/graphql-vs-rest

After receiving one of the three possible GDPR webhooks from Shopify (customers/redact, shop/redact, or customers/data_request), how long do you have to complete the associated action?

Within 30 days https://shopify.dev/apps/webhooks/mandatory

Using the Shopify App Bridge, how would you subscribe your app to errors of the type INVALID_ACTION? Which method would you use to complete the above task? -app.subscribe(Error.ActionType.INVALID_ACTION, (data) => {data...}); -app.error((invalidAction) => {invalidAction...}); -app.on(Error.ActionType.INVALID_ACTION).then((data) => {data...});

app.subscribe(Error.ActionType.INVALID_ACTION, (data) => {data...}); https://shopify.dev/apps/tools/app-bridge/actions/error

You have created a cart inside your POS app using the following code: const cart = Cart.create(app) How would you listen for changes on your given cart? cart.fetchCart({success(cart){cart...}, error(errors){...}); cart.dispatch(Cart.Action.FETCH, (data) => {data...}); cart.subscribe(Cart.Action.UPDATE, (payload) => {payload...}); cart.fetch().then((cart) => {cart...});

cart.subscribe(Cart.Action.UPDATE, (payload) => {payload...}); https://shopify.dev/apps/tools/app-bridge/actions/cart

You are using the following code to show a toast message when a user clicks a button in your embedded app: button.subscribe(Button.Action.CLICK, (message: string) => { const toastMessage = Toast.create(app, { message: "Hello world", duration: 3000, }); // Missing line }); What line is missing in order to display this message to the user? Enter function call in the text box below (Example: foo.bar();).

clickUnsubscribe(); https://shopify.dev/apps/tools/app-bridge/actions/button

In the event that you need to refresh your app's access tokens, each access token stored by your application would need to be updated. To request tokens that use your new secret key, you would need to use a POST request such as: POST https://SHOP_NAME.myshopify.com/admin/oauth/access_token Which parameters are required in the body of this request? -client_id, client_secret, refresh_token, access_token -client_id, client_secret, code -access_token, SHOP_NAME -api_key, client_secret, access_token, SHOP_NAME

client_id, client_secret, refresh_token, access_token https://shopify.dev/apps/auth/rotate-revoke-api-credentials

You are creating a custom storefront app that requires users to sign up to make purchases. You are using the following code to sign users up from a form in your app: mutation customerCreate($input: CustomerCreateInput!) { customerCreate(input: $input) { userErrors { field message } customer { id } } } What request variables are required to be sent in the $input object in order to successfully generate the account? Enter variable keys separated by commas (example: variable1, variable2, variable3).

email, password https://shopify.dev/api/storefront/reference/customers/customercreate

Calls that include a deprecated field will return the following response header: -X-Shopify-Deprecated-Field -X-Shopify-API-Deprecated-Reason -404 Not Found

https://shopify.dev/api/usage/versioning#deprecation-practices

Which Shopify App Bridge resource picker option would you use in order to filter a list of products? -showProducts -filterValue -showVariant -initialQuery

initialQuery ? https://shopify.dev/apps/tools/app-bridge/actions/resourcepicker#options

You are using the following code in your embedded app to redirect to the variant id 1234 of product abc in the Shopify Admin: const redirect = Redirect.create(app); redirect.dispatch(Redirect.Action.ADMIN_SECTION, { name: Redirect.ResourceType.Product, // Missing property }); Write the missing property and values you would need to complete the redirect task in the text box below. Example: property: {key: value, key: value}

resource: { id: 'abc', variant: { id: '1234', } } ? https://shopify.dev/apps/tools/app-bridge/actions/navigation/redirect

When making a GET request to /admin/orders.json to return all orders between two dates, what two parameters (in addition to any date related parameters) should you include to ensure the most reliable count is returned? -status: open and status: closed -since_id and status=any -status and financial_status -limit and page

since_id and status=any https://shopify.dev/api/admin/rest/reference/orders/order

Using Polaris best practices for actionable language, buttons should be labeled using: -We {verb} + {noun} -Lowercase -{verb} -"Click here"

{verb} + {noun} https://polaris.shopify.com/content/actionable-language#section-buttons