These requirements make sure that users can quickly set up and start using your channel. The installation requirements describe the correct flows for authentication, channel subscription charges, and any sign-up steps (if required). These requirements make sure that you provide users with the guidance they need when they start learning to use your channel.

Authentication

Your channel must immediately authenticate using OAuth before any other steps occur, even if the merchant has previously installed and then uninstalled your app.
Merchants shouldn't be able to interact with the user interface (UI) before OAuth.

🚧

Caution

Your app must validate that the user owns the provided email address.

Permissions

Permissions are the levels of access that your channel has through the API. The permissions that you request are shown to the user on the OAuth handshake page, where the merchant can either grant or decline them.

1. Users must be redirected to your channel's user interface (UI) after they accept permissions access on the OAuth handshake page.
2. Your channel should request only the permissions that are necessary for it to function.

Setup and User workflows

For merchant security, your channel must not use pop-up windows for essential channel functionality, like running OAuth. Avoiding the use of pop-up windows also protects your channel from being compromised by pop-up blockers.