Shopify Opens Sidekick App Extensions to All Developers: Build Searchable App Data and In-app Actions

Table of Contents

1. Key Highlights
2. Introduction
3. What Sidekick app extensions enable: App data and App actions explained
4. How app data works: indexing, relevance, and merchant value
5. How app actions work: context-passing, deep links, and merchant confirmation
6. Developer experience: Shopify CLI, scaffolding, and deployment workflow
7. Practical product design: when to expose data and which actions to enable
8. Security, permissions, and merchant consent
9. Testing, validation, and observability
10. Real-world merchant workflows and examples
11. Best practices for high adoption and trust
12. Common pitfalls and how to avoid them
13. Business considerations: adoption, retention, and monetization
14. Getting started: a practical checklist for developers
15. Roadmap and future opportunities
16. Where to get help and provide feedback
17. FAQ

Key Highlights

• Shopify now allows all app developers to build Sidekick app extensions that expose app data for search and enable merchants to trigger in-app actions directly from Sidekick.
• Two extension types are available today: App data (make content searchable with contextual metrics) and App actions (deep links that open pre-filled pages for merchant confirmation); Shopify CLI scaffolds the setup and 18 launch partners are already live.

Introduction

Shopify has expanded access to Sidekick app extensions, enabling every app developer on the platform to integrate their apps with merchants’ assistant experiences. The new capability splits into two practical features: surfacing app data inside Sidekick search results and enabling contextual actions that navigate merchants into apps with pre-filled context so they can confirm changes. That combination promises both discoverability and immediate workflow continuity: merchants can surface the information they need and complete work without hunting through multiple admin screens.

Eighteen partners are already live through early access, including Klaviyo, Loop, Smile, Judge.me, Checkout Links, and Matrixify. Shopify provides tooling to speed adoption: the Shopify CLI can scaffold an extension so developers can deploy a functional integration in minutes. For development teams, the release presents both an opportunity to increase app usage and a set of requirements around security, UX design, and data modeling. This article breaks down what Sidekick app extensions do, how they work, technical and product design considerations, and practical guidance for developers preparing to build and ship extensions that merchants will rely on.

What Sidekick app extensions enable: App data and App actions explained

Sidekick app extensions let apps integrate at two levels: data and actions.

• App data: Index your app’s content so Sidekick can return relevant results when merchants search. That means an app’s entities — campaigns, coupons, reviews, return policies, product attributes, exports — can appear in Sidekick with summary metrics and links back to the originating resource. A merchant who asks "Find my best-performing email subject lines" will see candidate campaigns from a connected email app, along with open rates or revenue metrics pulled from the app.
• App actions: Surface actionable intents inside Sidekick that take merchants into your app with the correct screen, resource, and contextual values pre-filled. Sidekick navigates the merchant to the app page and shows a confirmation prompt before any actual change occurs. For example, a merchant might ask Sidekick to "create a buy-one-get-one discount like last year's summer sale"; Sidekick could open the app’s discount creation screen with fields filled from a referenced past discount, letting the merchant confirm and save.

The coexistence of searchable data and executable actions reshapes app discoverability on Shopify. Apps become both sources of knowledge and execution endpoints inside merchants’ conversational workflows.

How app data works: indexing, relevance, and merchant value

At a technical level, app data integration requires mapping your app’s domain model into the data types Sidekick expects. Typical steps include selecting which entities to surface, defining searchable fields, attaching contextual metrics, and keeping indexes up to date.

Choosing what to surface Start with high-utility top-level entities that merchants ask about frequently: campaigns, automated flows, loyalty tiers, reviews, refunds, saved exports, discount templates, product bundles. Prioritize items that represent decisions—campaign performance metrics, refund reasons, or review sentiment—because those drive action.

Metadata and metrics Search results become far more useful when they include concise metrics and contextual cues. For a marketing app, fields such as open rate, click-through rate, revenue per recipient, or conversion rate help merchants interpret results. For a review app, average rating, number of recent reviews, and flagged reviews count give immediate signal value. Design the data model so Sidekick can display a one-line summary and key metrics with each result.

Relevance signals and ranking Relevance depends on text fields (titles, descriptions, tags), numeric signals (performance metrics, recency), and merchant-specific context (store size, inventory status, seasonal patterns). Provide both textual content and structured numeric attributes for each indexed item to enable Sidekick’s ranking to weigh what matters: recent, high-impact items should surface higher.

Incremental updates and freshness Search usefulness degrades fast with stale data. Use background jobs or webhooks to propagate changes into Sidekick’s index when an entity is created, updated, or deleted. For large datasets, prioritize items that have recent activity or high interaction rates and provide bulk reindexing endpoints to recover from mismatches.

Example: Klaviyo-like email insights Imagine an email marketing app. Each campaign object would include subject line, segment description, send date, recipient count, and performance metrics. Sidekick can surface top campaigns with subject lines and open rates. A merchant searching "best subject lines for Black Friday" will see targeted suggestions that include performance context and a link to inspect the campaign.

How app actions work: context-passing, deep links, and merchant confirmation

App actions bridge Sidekick’s discovery with an app’s operational surface. They let merchants trigger a sequence that results in an actionable screen inside the app, pre-filled with the context inferred from the merchant’s query and the selected result.

Deep linking with pre-filled context An app action requires a stable deep link (URL or route) format that accepts pre-filled parameters: IDs for resources, field values, and optional metadata about why the action was created. Sidekick constructs that URL and opens it in the Shopify admin, so the merchant lands on the right app page with fields populated.

Confirm-before-change flow Sidekick surfaces a confirmation UI before making any change. The app should load the pre-filled context and show a clear preview of the pending action, including editable fields and a prominent confirmation button. That step prevents unintended modifications and keeps merchants in control.

Handling complex workflows Some actions map to multi-step flows: create a discount that references several product collections, or initiate a partial refund that requires picking fulfillment lines. In those cases, the deep link should direct the merchant to the first meaningful step with the most-critical fields pre-populated. The app can then resume normal flow, allowing edits and validations before the final commit.

State synchronization and idempotency Because Sidekick may reroute or retry navigation, design action handlers to be idempotent or to detect duplicate intents. Include a correlation ID in the deep link parameters so the app can detect repeated attempts and avoid creating duplicate resources.

Example: Creating a discount via Checkout Links A merchant asks Sidekick to "create a limited-time discount for best-selling tops." Sidekick searches the merchant’s sales data and product tags, identifies the target collection, and shows a suggested discount. The merchant selects the suggestion; Sidekick opens the Checkout Links app to the “Create discount” screen with discount code, percentage, start/end dates, and collection pre-filled. The merchant reviews and confirms.

Developer experience: Shopify CLI, scaffolding, and deployment workflow

Shopify provides tools to get developers from idea to deployed extension quickly. The Shopify CLI scaffolds the extension project, generating the necessary manifest and boilerplate to handle app data indexing and action endpoints.

Scaffolding essentials The scaffold typically generates:

• An extension manifest declaring your extension type (app-data or app-action), permissions, and entry points.
• Sample index payloads and update handlers.
• A route or handler for actions that constructs deep links with expected parameters and handles incoming requests.
• Local testing utilities to simulate Sidekick queries and click flows.

Local development and testing Local development should mimic three phases:

1. Indexing: run a local script that builds a sample index for Sidekick to query against.
2. Actions: run a dev server that resolves action deep links and renders the confirmation UI.
3. End-to-end: use Shopify CLI tooling to register a development extension against a test store and interact with Sidekick in a sandboxed environment.

Deployment and versioning Extensions get deployed alongside your app. Each deployed version should carry a changelog for compatibility reasons because Sidekick may cache metadata. Maintain backwards compatibility in your deep link schema where possible and support versioned parameters to evolve fields safely.

Developer community and feedback Shopify encourages feedback via the Developer Community forum. Early partners reported faster adoption when they aligned Sidekick results with natural merchant language and included clear metrics. Use community channels to surface integration questions and to learn common merchant intents that Sidekick users express.

Practical product design: when to expose data and which actions to enable

Not every field or action should be exposed through Sidekick. Design choices should consider merchant value, risk, and cognitive load.

Prioritize high-value, low-risk items Expose items that provide immediate insight or minor, reversible actions. Examples include:

• Performance summaries (campaigns, loyalty tiers, review highlights).
• Templates and saved drafts (discount templates, email templates).
• Administrative items that are reversible or non-destructive (export requests, draft changes).

Limit destructive actions or require explicit confirmation For irreversible or high-impact operations—bulk deletes, mass price updates, or permanent product removals—either avoid enabling direct actions or design multi-step confirmations with explicit warnings and verification (e.g., requiring reauth or a typed confirmation).

Design for discoverability and clarity Write concise labels and add short descriptions for each surfaced item. Use merchant-friendly language that matches how merchants ask questions. If your app exposes "abandoned cart flows," document synonyms and phrases merchants might use so Sidekick returns relevant results for queries like "recover abandoned carts" or "follow up with cart abandoners."

Case study: Judge.me reviews surfaced Judge.me surfaces reviews and flags to Sidekick. A merchant asking "Show recent one-star reviews" receives a list of flagged reviews with quick actions to respond or hide. Because responding is low-risk and high-value, the app exposes actions to open the review and draft a reply; permanent removals require navigation and an explicit confirmation step inside the app.

Security, permissions, and merchant consent

Surface-level convenience cannot compromise merchant security. Apps must adhere to principle-of-least-privilege and secure data handling practices.

OAuth scopes and permission boundaries Verify that your app requests only the scopes necessary to power Sidekick features. For app data, read-only scopes may suffice. For app actions that modify store state, require write scopes and explain why those scopes are required during installation. Provide granular controls and clear consent text in the OAuth flow.

Explicit merchant consent for searching app data Merchants should understand which app data Sidekick can access and how it will be used. Provide a settings page where merchants can toggle whether specific data types are indexed. Offer transparency about what fields are included and a mechanism to remove or redact items if needed.

Audit logging and action traceability Log any action initiated via Sidekick and include a correlation ID that surfaces in both Sidekick logs and your app logs. Maintain an audit trail that administrators can consult for compliance, troubleshooting, or dispute resolution. Ensure logs capture who initiated the action, the pre-filled values, and whether the merchant confirmed or canceled.

Handle PII and sensitive data carefully Avoid indexing personally identifying information unless necessary; if you do index PII (customer emails, phone numbers), mask or tokenize values where possible and ensure retention policies align with privacy regulations such as GDPR and CCPA. Encrypt data at rest and in transit and use role-based access inside your app.

Example: Loop returns and exchange flows Return management requires access to order and customer data. If Loop integrates with Sidekick for returns, the app should index non-sensitive return metadata and require explicit write permissions for actions like issuing refunds. Audit logs must capture who confirmed the refund and provide refund IDs for reconciliations.

Testing, validation, and observability

Robust testing reduces merchant-facing regressions and ensures Sidekick integrations perform well under real-world conditions.

Unit and integration testing Unit tests should cover index-generation logic and serialization. Integration tests should validate how Sidekick queries map to your indexing format and how your action endpoints handle parameterized deep links. Mock the Sidekick query engine or use a test harness from the Shopify CLI to simulate queries.

End-to-end user testing Run user acceptance testing with real merchants or beta participants. Observe merchants’ language patterns and refine index mappings to surface better results. Track success metrics: query-to-click rate, action confirmation rate, and time-to-complete workflow.

Monitoring and performance metrics Instrument metrics for:

• Query latency: how long Sidekick takes to receive results from your index.
• Freshness: age of returned items.
• Action completion rate: percentage of initiated actions that are confirmed.
• Error rates for index updates and action handlers.

Set up alerts for high error rates and monitor logs for failed correlation IDs. Performance problems often arise from heavy index updates or blocking queries; use asynchronous indexing and caching to reduce load.

Canary releases and feature flags Roll out Sidekick features behind feature flags so you can test on a subset of stores. Use canary releases to collect real-world feedback and catch edge cases before broader deployment.

Real-world merchant workflows and examples

Concrete scenarios help developers prioritize integration work. Below are illustrative workflows using existing launch partners and likely merchant intents.

Klaviyo — discover and act on top-performing campaigns Merchant intent: "Which email campaigns drove the most revenue last quarter?" Sidekick response: Lists top campaigns with revenue and conversion rate metrics. Action: Open the campaign editor with the winning subject line pre-filled, enabling quick A/B testing for an upcoming campaign.

Loop — fast refunds and exchanges Merchant intent: "Show returns from the past two weeks for defective items." Sidekick response: Lists returns with order IDs and status. Action: Open the return processing page with selected return pre-loaded, allowing a merchant to approve or process exchanges.

Smile — loyalty program prompts Merchant intent: "Which loyalty tiers increased repeat purchases?" Sidekick response: Shows tiers with retention change percentages. Action: Open tier configuration with reward thresholds pre-populated for quick adjustments.

Judge.me — manage reputation Merchant intent: "Show flagged negative reviews for product X." Sidekick response: Displays flagged reviews and sentiment. Action: Open the review response workflow with a suggested reply template pre-filled.

Checkout Links — quick discount creation Merchant intent: "Create a 20% discount for cleared summer inventory." Sidekick response: Suggests eligible products and an expiry date. Action: Opens discount creation view with fields pre-filled and a preview of how it will apply at checkout.

Matrixify — data exports and bulk updates Merchant intent: "Export last month's orders for tax reconciliation." Sidekick response: Provides an export item with estimated row count and size. Action: Opens Matrixify export page with filters set and an export ready to run.

Each example demonstrates how indexing plus actions compresses multi-step workflows into a search-and-confirm pattern.

Best practices for high adoption and trust

Surface the right data, minimize friction, and design interactions that earn trust.

Write merchant-centric labels Use everyday merchant language. Avoid internal technical terms. For example, "top-performing email subject lines" is friendlier than "campaign.subject."

Provide concise, actionable summaries Each search result should include a short summary and one or two metrics. The summary should let merchants decide whether to open the item or execute an action.

Make confirmations explicit and informative When an action is initiated, show what will change and why. If applicable, show estimated effects (e.g., "This discount will apply to 24 active SKUs"). Allow easy cancellation.

Offer granular controls and opt-outs Allow merchants to choose which app data is indexed and whether Sidekick can perform actions on their behalf. Provide toggles at the entity level where practicable.

Prioritize performance and reliability Invest in fast, incremental indexing. Avoid synchronous on-demand indexing that can cause latency spikes. Cache query results appropriately, but provide clear mechanisms to refresh stale items.

Educate merchants within the app Include a Sidekick section in your app settings that explains what data is indexed and how actions work. Provide example queries and screenshots showing the confirmation flow.

Measure impact and iterate Track engagement from Sidekick interactions and correlate them with retention or revenue metrics. Use these signals to identify which data types and actions drive the most value and to prioritize further integrations.

Common pitfalls and how to avoid them

Integration missteps can lead to poor discoverability or risky behavior.

Indexing everything indiscriminately Avoid indexing every field your app stores. That creates noise and dilutes relevance. Start small with high-impact entities and expand based on usage data.

Overreliance on text matching Natural-language searches require semantic awareness. Combine textual fields with structured attributes and numeric signals so relevance is meaningful.

Exposing destructive actions without guardrails Require additional confirmations or limit who can perform certain actions. Implement role checks and administrative overrides.

Ignoring localization and synonyms Merchants use different terms for the same concept. Support synonyms, locale-specific wording, and field mapping for non-English stores.

Neglecting auditing and logging If merchants cannot trace who performed an action, disputes and trust issues follow. Make auditing a priority.

Business considerations: adoption, retention, and monetization

Sidekick integrations can materially change how merchants interact with an app.

Improve discoverability and activation Being surfaced in Sidekick reduces friction for merchants who may not know your app offers a feature. App-data exposure makes your functionality discoverable through natural queries, reducing time-to-value.

Increase session frequency Actionable workflows encourage repeated use because merchants can act from Sidekick without navigating complex menus. That convenience can increase stickiness and retention.

Create new monetization opportunities Consider offering premium, Sidekick-optimized features: deeper analytics fields, additional pre-built templates for actions, or priority indexing for enterprise customers. Keep clear boundaries between free and paid enhancements and ensure transparency.

Monitor conversion funnels Track conversion from Sidekick display to app visit to confirmed action. Identify drop-off points and optimize the experience: perhaps by simplifying the confirmation screen or adding a single-click undo.

Support workflows and service teams If your app integrates with human operations—customer support, fulfillment—surfacing relevant items in Sidekick can speed internal processes. For example, customer support can search for a recent order’s return status and jump directly to the handling view.

Getting started: a practical checklist for developers

Follow these steps to go from idea to production-grade Sidekick extension.

1. Inventory: Identify high-value entities and actions in your app.
2. Data model: For each entity, define searchable fields, summary text, and up to three key metrics.
3. Permissions: Determine minimal read/write scopes needed and plan an OAuth consent message.
4. Scaffolding: Use Shopify CLI to generate the extension manifest and handlers.
5. Indexing: Implement incremental indexing with webhooks for create/update/delete events.
6. Action handlers: Define deep links and build confirmation UIs that render pre-filled contexts.
7. Security: Add correlation IDs, audit logging, and role checks. Apply data masking for PII.
8. Testing: Build unit/integration tests and run end-to-end tests in a sandbox store.
9. Feature flags: Deploy behind flags and roll out to a percentage of merchants first.
10. Monitoring: Instrument query latency, action completion, error rates, and freshness metrics.
11. Documentation: Add a Sidekick section in your app’s settings and publish developer notes for store admins.
12. Feedback loop: Collect merchant and community feedback and iterate.

Roadmap and future opportunities

This initial launch focuses on data visibility and navigable actions. Future opportunities include:

• Richer interactive actions where Sidekick can orchestrate multi-step flows on behalf of the merchant (with explicit permission and safeguards).
• Deeper conversational experiences that provide guided workflows for complex tasks, such as bulk price increases or multi-product promotions.
• Marketplace discoverability: Sidekick could rank apps by helpfulness for certain merchant intents, making app visibility a long-term retention play.
• Cross-app workflows: let Sidekick combine data and actions across installed apps to propose compound suggestions (e.g., adjust inventory and trigger a promotional email).

Plan integrations so they can evolve toward those possibilities without breaking earlier contracts; use versioned parameters and backward-compatible handlers.

Where to get help and provide feedback

Shopify maintains developer documentation and a community forum for extension developers. Use those channels to:

• Report integration edge cases and request API improvements.
• Share best practices discovered during merchant tests.
• Subscribe to updates about new extension features and platform changes.

Real-world feedback accelerates platform improvements and helps other developers learn from shared patterns.

FAQ

Q: What exactly can Sidekick access in my app? A: Sidekick can index app data you choose to expose and can trigger actions you implement. You control which entities are indexed and which actions are available. Implement indexing only for fields necessary to serve merchant intents and request only the OAuth scopes required.

Q: Do merchants have to grant extra permissions for Sidekick features? A: Yes. Actions that modify store state require write scopes and explicit merchant consent during app installation or when enabling Sidekick features. Read-only indexing likewise requires merchant approval; provide clear descriptions for requested permissions.

Q: How are destructive or sensitive actions handled? A: Sidekick always shows a confirmation prompt before any state change. For sensitive operations, require additional verification, additional admin-only role checks, or multi-factor confirmations. Maintain auditable logs for all confirmed actions.

Q: Will exposing app data to Sidekick increase my app’s usage? A: Properly designed Sidekick integrations improve discoverability and reduce friction, which generally increases usage. Track query-to-action conversions and longer-term retention to measure impact.

Q: How do I keep indexed data fresh and avoid stale results? A: Use webhooks and background workers to update Sidekick’s index upon entity changes. Prioritize incremental updates and implement bulk reindexing to recover from mismatches. Monitor freshness metrics and tune your update cadence.

Q: Are there rate limits or quotas for indexing or actions? A: Follow Shopify’s developer documentation for current rate limits and quotas. Design ingestion to be asynchronous and resilient to throttling; batch updates where possible.

Q: What languages and locales does Sidekick support? A: Support for locales depends on Shopify’s Sidekick implementation and your app’s indexing strategy. Provide localized text for indexed fields and synonyms where applicable. Monitor store locale attributes and adjust indexing accordingly.

Q: Can Sidekick orchestrate multi-app workflows? A: The current launch focuses on making individual apps’ data and actions available. Cross-app orchestration is a natural future direction but requires careful design for permissions, consent, and auditability.

Q: How do I test an extension before going live? A: Use Shopify CLI to scaffold and register a development extension against a test store. Run unit and integration tests, verify index mappings, simulate Sidekick queries, and run end-to-end tests with real-world merchant phrases.

Q: Where can I send feedback or ask questions? A: Shopify’s Developer Community forum is the primary channel to submit feedback, ask technical questions, and discuss best practices with peers and Shopify engineers.

Q: What are recommended metrics to monitor after launch? A: Track query latency, index freshness, query-to-click ratio, action initiation and confirmation rates, error rates for index updates, and business signals like incremental revenue or retention tied to Sidekick usage.

Q: How should I handle PII and privacy regulations? A: Minimize PII indexing, tokenize or mask sensitive fields, adhere to regional privacy statutes such as GDPR and CCPA, encrypt data, and implement retention and deletion workflows per merchant requests. Provide merchants with controls to opt-out and request redaction.

Q: What are early partner experiences telling us? A: Early partners report that surfacing clear metrics alongside searchable items dramatically improves merchant engagement. Aligning terminology with merchant language and providing straightforward confirmation flows are key to high action confirmation rates.

Q: How can I make my Sidekick integration stand out? A: Focus on merchant intent: map queries to meaningful, concise results with one or two metrics. Offer well-crafted action templates that make common tasks a single review-and-confirm step. Educate merchants with example queries and transparent settings.

This expansion of Sidekick to all developers changes how apps interact with merchants’ workflows: apps become discoverable knowledge sources and convenient action endpoints. For developers, the work starts with careful selection of what to expose, thoughtful UX design for confirmations, and robust engineering for indexing and security. The payoff is higher engagement, faster merchant workflows, and deeper product integration within Shopify’s ecosystem.