When you register your app in the Developer Portal, you’ll have the option of enabling Multiple Users. This allows store administrators to manually authorize users to load the app. This article describes how enabling Multiple Users impacts the app’s user experience in the control panel, and discusses important implications for app developers to consider before enabling the feature.
Enabling Multiple Users in Developer Portal affects the control panel on any store your that has installed your app. If you already have an app published in the Marketplace, be aware that this setting takes effect immediately. We recommend testing Multiple Users using a separate app that is in draft status.
Let store owners know you’ve enabled this feature. Otherwise, they won’t know they can grant access to users.
If Multiple Users is enabled after your app has launched, the update will cause the app scopes to change and users will be alerted of the new permission request.
Store owners will be able to adjust user permissions to grant or deny the store’s other users access to your app. The next time the user logs in, they will see any apps they’ve received permission to access. Users can then click the app icon in the left nav to load it.
Use your draft app and your sandbox store to review this behavior.
Apps with Multiple Users enabled can expect the email and ID of the user that initiated the callback in addition to the owner’s email and ID in the JSON object sent in the load request. If a load request is sent with information for a user you haven’t seen, provision the user account and associate it with the store in your database.
Because you know the store owner or user’s email and ID from the app installation sequence, your app can distinguish store owners from other users. This allows you to provide different user experiences based on the information in the load request. Here is a summary of the two types of users:
install, uninstall, and load apps. Store owners must grant permissions so that authorized users can install or uninstall apps.install or uninstall apps. Users are permitted only to load the apps that a store owner authorized.Store owners can also remove users. This action generates a GET request to the remove user callback URL that you provided in the Developer Portal. When this occurs, your app should remove the user identified in the request from its records.
For details about remove user and load requests, see Single-click App Callbacks.