Once you have the store owner’s “myshopify.com” URL, you’ll need to redirect the user to a URL where they can approve your app. The format of this URL is as follows.
{shop}
The subdomain “myshopify.com” URL that the user gave you.
{api_key}
Your API key that was provided to you, as per above.
{scopes}
This is a list of permissions that you’re asking the store owner to accept. For this example we will want the ability to read orders and modify products so I am requesting read_orders and write_products.
{redirect_uri}
Where the user should be sent to next. This is the URL for the script that will generate the token, as described in step 3 below.
// Set variables for our request
$shop = "demo-shop";
$api_key = "1r30mrvCFMfq2DLGuIXyY2veEJVgTtDD";
$scopes = "read_orders,write_products";
$redirect_uri = "http://localhost/generate_token.php";
// Build install/approval URL to redirect to
$install_url = "https://" . $shop . ".myshopify.com/admin/oauth/authorize?client_id=" . $api_key . "&scope=" . $scopes . "&redirect_uri=" . urlencode($redirect_uri);
// Redirect
header("Location: " . $install_url);
die();