Before it can interact with the Shopify API, your app must provide the necessary authentication credentials in each HTTP request that it makes to Shopify. The way to provide these credentials depends on the type of app that you're developing. Shopify supports two different types of apps: public apps and private apps.
A public app can interact with the Shopify API on behalf of multiple stores, as long as the app has been granted explicit permission by each merchant who installs it. Public apps can use the Embedded App SDK to be embedded directly inside of the Shopify admin.
You can create a public app from your Partner Dashboard.
Custom apps can interact with the Shopify API on behalf of only one store. Custom apps authenticate with Shopify using an installation link generated in your Partner Dashboard. The merchant uses the link to go through the OAuth process and install the app on their store.
You can create a custom app from your Partner Dashboard.
A private Shopify app can interact with the Shopify API on behalf of a single store. These apps authenticate with Shopify through basic HTTP authentication. The required credentials must be generated from the Shopify admin of the store that you want to connect with your app.
To learn more about how authentication works for private apps, see Private authentication.