Multi-Store Unified Management

Per-store configuration isolation and secure credential management

Tags: Multi-Store, Multi-Tenant, Configuration Management, Encryption, Security

Background

When building a multi-location compatible integration app, we also needed to support cases where multiple Shopify stores are operated.

Since each store uses different NextEngine store IDs and different API tokens, a mechanism to isolate and manage settings per store was required.

Design Challenges

The following challenges existed when handling multiple stores:

  • Configuration isolation - Managing different API tokens and Webhook secrets per store
  • Automatic identification - Automatically identifying which store a received Webhook came from
  • Security - Storing credentials securely

Per-Store Configuration Isolation

We built a system that allows settings tailored to each store's characteristics. For example, if Store A handles regular shipping only while Store B also handles refrigerated shipping, that difference can be absorbed through configuration.

When adding a new store, it can be configured independently without affecting existing store settings.

Automatic Store Identification

We implemented functionality to automatically identify which store an order came from when receiving a Webhook. This ensures the appropriate store's settings are automatically applied.

Operators no longer need to think "this order is from Store A, so..." and business complexity doesn't increase even as store count grows.

Store Data Structure

Each store holds the following information:

| Field | Description | Example |
|---|---|---|
| Store ID | Internal system identifier | UUID format |
| Store Name | Display name | "Main Store", "Rakuten Store" |
| Domain | Shopify store URL | xxx.myshopify.com |
| Admin Token | For Shopify API authentication (encrypted) | *** |
| Webhook Secret | For signature verification (encrypted) | *** |
| NextEngine Store ID | Store ID on order management side | "1", "2" |
| Active Flag | Store enabled/disabled | true/false |

Store Identification Flow

When a Webhook is received, the system automatically identifies which store the order came from:

  1. Webhook Received - Receive data from Shopify
  2. Get Domain - Extract source domain from header
  3. Search Store - Search store by domain
       • Found - Use that store's settings
       • Not found - Fallback to environment variables (backwards compatibility)

When a store is found:

  • Verify signature with store-specific Webhook secret
  • Use store-specific upload pattern ID
  • Process with store-specific API token

Encryption Mechanism

Storing credentials in plain text is dangerous. If data were to leak, it could be exploited immediately.

Therefore, we adopted an industry-standard strong encryption algorithm, AES-256-GCM.

Processing When Saving

Token Save Flow:

  1. Plain Text Token - Receive API token
  2. Encrypt - Encrypt with AES-256-GCM
  3. Base64 Encode - Convert to text format
  4. Save to Database - Stored securely

Processing When Retrieving

Token Retrieval Flow:

  1. Retrieve from Database - Read encrypted data
  2. Base64 Decode - Convert to binary
  3. Decrypt - Decrypt with AES-256-GCM
  4. Use as Plain Text Token - Use for API calls

Security Features

  • Encryption key isolation - Encryption keys are managed in environment variables, not included in code
  • Random initialization vector - Different IV generated each time, so same plain text produces different cipher text
  • Tampering detection - Authentication tag detects data tampering
  • Display masking - API responses mask tokens, only confirming whether settings exist
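The save and retrieval flows and the security features above, as an added Node.js example (not code from the original system). The `TOKEN_ENC_KEY` variable name, the `iv || tag || ciphertext` storage layout, the function names and the sample token are assumptions.

```javascript
// Added example: names, storage layout (iv || tag || ciphertext) and env var are assumptions.
const crypto = require("node:crypto");

const IV_LEN = 12;  // 96-bit IV, the recommended size for GCM
const TAG_LEN = 16; // 128-bit authentication tag

// Key isolation: the key comes from the environment (32 bytes, Base64), never from code.
function loadKey(env = process.env) {
  const key = Buffer.from(env.TOKEN_ENC_KEY || "", "base64");
  if (key.length !== 32) throw new Error("TOKEN_ENC_KEY must decode to 32 bytes");
  return key;
}

// Save path: encrypt with AES-256-GCM, then Base64-encode for a text column.
function encryptToken(plain, key) {
  const iv = crypto.randomBytes(IV_LEN); // fresh random IV on every save
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(plain, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
}

// Retrieval path: Base64-decode, then decrypt; final() throws if the tag does not verify.
function decryptToken(stored, key) {
  const raw = Buffer.from(stored, "base64");
  if (raw.length < IV_LEN + TAG_LEN) throw new Error("ciphertext too short");
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, IV_LEN), { authTagLength: TAG_LEN });
  decipher.setAuthTag(raw.subarray(IV_LEN, IV_LEN + TAG_LEN));
  const pt = Buffer.concat([decipher.update(raw.subarray(IV_LEN + TAG_LEN)), decipher.final()]);
  return pt.toString("utf8");
}

// Display masking: API responses report only whether a token is configured.
function toApiView(store) {
  return { id: store.id, name: store.name, adminTokenSet: Boolean(store.adminTokenEnc) };
}

// Constructed demo values (not real credentials).
function demo() {
  const key = loadKey({ TOKEN_ENC_KEY: Buffer.alloc(32, 7).toString("base64") });
  const a = encryptToken("example-admin-token", key);
  const b = encryptToken("example-admin-token", key);
  const tampered = Buffer.from(a, "base64");
  tampered[tampered.length - 1] ^= 1; // flip one ciphertext bit
  let rejected = false;
  try { decryptToken(tampered.toString("base64"), key); } catch { rejected = true; }
  return { roundTrip: decryptToken(a, key), distinct: a !== b, rejected };
}
```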

Architecture Comparison

Building Separate Systems for Each Store

  • Store A App - Separate management
  • Store B App - Separate management
  • Store C App - Separate management

This System (Multi-tenant Design)

  • Unified Management System - Store A config / Store B config / Store C config (centralized management)
  • Store A - Independent settings
  • Store B - Independent settings
  • Store C - Independent settings

Store Addition Procedure

The procedure for adding a new store is as follows:

  1. Register store information - Enter store name, domain, NextEngine store ID
  2. Configure API token - Get token from Shopify admin and register
  3. Configure Webhook secret - Set up Webhook in Shopify and register the secret
  4. Activate - Turn on the active flag to start operations

New stores can be added in minutes without affecting existing stores.

Backwards Compatibility

When adding multi-store management functionality, we maintained support for existing single-store operations.

If store information isn't registered in the database, settings from environment variables are used as before. This allowed us to update the system without changing existing operations.

Benefits

This design provides the following benefits:

  • Centralized management - Manage all store settings in one place
  • Scalability - Management workload doesn't increase as stores grow
  • Security - Credential encryption reduces leak risk
  • Independence - Independent settings per store enable flexible operations

Notes

Encryption Key Management

If the encryption key is lost, saved tokens cannot be decrypted. We recommend backing up the key to a secure location.

Disabling Stores

When closing a store, simply turning off the active flag excludes it from processing. There's no need to delete data, and reopening only requires turning the flag back on.
