Integrations
Connect PROIGN with your existing tools and platforms. Each integration enhances specific modules with external data and functionality.
Available Integrations
Shopify
Sync orders, products, and customers from your Shopify store.
UPS
Generate shipping labels and track packages with UPS.
TaxJar
Manage tax exemption certificates and compliance.
Resend
Send transactional and campaign emails with delivery tracking.
Cloudflare Turnstile
Bot protection for public forms, registration, and contact pages.
Stripe
Subscription billing, payment processing, and usage-based metering.
How Integrations Work
PROIGN integrations follow a consistent pattern:
- Connect — Authenticate with the external service via OAuth or API keys
- Configure — Set up sync preferences and mapping rules
- Sync — Data flows automatically based on events or schedules
- Monitor — Track sync status and handle errors in the dashboard
Authentication Methods
Each integration uses the authentication method required by its provider:
| Integration | Auth Method | Credential Storage |
|---|---|---|
| Shopify | HMAC webhook validation + Admin API token | Wrangler secrets |
| UPS | OAuth 2.0 client credentials | Wrangler secrets |
| TaxJar | API key (Bearer token) | Wrangler secrets |
| Resend | API key | Wrangler secrets |
| Stripe | API key + webhook signing secret | Wrangler secrets |
| Turnstile | Site key (public) + secret key | Wrangler secrets + env var |
All credentials are stored as encrypted Cloudflare Worker secrets — they never appear in source code, environment files, or client-side bundles.
Webhook Signature Verification
Inbound webhooks from external services are always verified before processing. PROIGN validates signatures using the method required by each provider:
// Shopify — HMAC-SHA256 of request body
const hmac = crypto.subtle.sign("HMAC", key, body);
// Compare with X-Shopify-Hmac-Sha256 header
// Stripe — Stripe-Signature header with timestamp
const event = stripe.webhooks.constructEvent(
body, signature, webhookSecret
);
// UPS — OAuth token validation on callback
// TaxJar — API key in Authorization headerWebhooks that fail signature verification are rejected with a 401 status and logged for monitoring.
Data Flow
Integration data flows through Cloudflare Queues for reliability. If an external API is temporarily unavailable, messages are retried automatically:
- Inbound — Shopify webhooks arrive at the gateway, are validated, and queued for processing by the relevant module worker
- Outbound — UPS label requests, Resend emails, and Stripe billing calls are dispatched from queue consumers with automatic retry on failure
- Events — Cross-module events (e.g., order shipped, points awarded) are broadcast through the Events module for downstream consumers
API Access
All integrations can also be managed via the API. See the Endpoints Reference for integration-specific API calls.
Need a Custom Integration?
PROIGN supports webhooks and the Events module for custom integrations. You can also use our API to build your own connections.