Before it can interact with the Shopify API, your app must provide the necessary authentication credentials in each HTTP request that it makes to Shopify. The way to provide these credentials depends on the type of app that you're developing. Shopify supports two different types of apps: public apps and private apps.
A public app can interact with the Shopify API on behalf of multiple stores, as long as the app has been granted explicit permission by each merchant who installs it. Public apps can use the Embedded App SDK to be embedded directly inside of the Shopify admin.
You can create a public app from your Partner Dashboard.
Private apps can interact with the Shopify API on behalf of only one particular store. These apps authenticate with Shopify through basic HTTP authentication. The required credentials must be generated from the Shopify admin of the store that you want to connect with your app.
To learn more about how authentication works for private apps, see Private authentication.