Current Decoded Session Token
This is the decoded session token that was sent to the server after the OAuth handshake finished.
You can use the backend middleware
withSessionToken to verify the API request came from the currently logged in shop
Wrap your API route with
withSessionToken to access the shop's origin (a.k.a the shop's name in
shop-name.myshopify.com format) in the backend.