Public agent guide
Agent onboarding for Attribloom merchants
A truthful handoff map for humans and coding agents launching Shopify, iOS, or custom attribution.
Published · Last reviewed
Authorization boundary
Act only on the merchant's explicit instructions. Do not accept legal terms, grant Shopify access, upload Apple credentials, choose commission economics, approve payouts, or publish changes without the merchant's authorization.
What requires a human
- Create the Attribloom account and complete the Turnstile-protected signup form.
- Choose campaign economics, affiliate eligibility, payout currency, hold policy, and refund policy.
- Review and approve Shopify's OAuth consent screen for the canonical
.myshopify.comstore. - Authorize access to App Store Connect and decide whether an In-App Purchase key may be uploaded for one-click verification.
- Review payout eligibility and confirm the program's operational payout policy before funds move.
- Approve production code, theme, App Store Connect, and storefront changes before release.
What an agent can implement
- Read the public setup prompts, guides, Markdown twins, and OpenAPI contract.
- Prepare and test HMAC signing, conversion and refund postbacks, Shopify cart-attribute preservation, StoreKit binding, and ASSN forwarding.
- Validate request examples locally, add tests, inspect HTTP responses, and report each observed link in the verification chain.
- Guide the merchant through dashboard controls after asking what is visible, without inventing tenant state.
Management API boundary
Attribloom does not yet expose a public tenant-management API for account creation, campaigns, affiliates, connection state, balances, or payouts. Those actions remain dashboard workflows. A scoped management API is on the roadmap, but full autonomous tenant management is not available today.
Shared launch sequence
- 1
Human creates the account
Use /signup. Turnstile and the merchant's account details make this a human-attended step.
- 2
Human defines the program
Create the campaign and commission rule in the dashboard, then add or approve affiliates so their links and referral codes exist.
- 3
Agent implements the runtime path
Choose Shopify, iOS, or custom signed postback below. Keep secrets on the server and use integer minor units.
- 4
Human authorizes external systems
Complete Shopify OAuth, App Store Connect changes, and any production deployment approval.
- 5
Agent and human verify together
Run a paid/test conversion from the real trigger through the observed HTTP response and dashboard result. Record any unobserved link as assumed.
- 6
Human reviews payouts
Confirm pending versus matured balances, refunds, identity or tax requirements, and the program's operational payout policy. Review each affiliate's first payout before release.
Shopify checklist
- Human: provide the canonical
store-name.myshopify.comdomain and approve Shopify OAuth. - Agent: add the Shopify `ref` cart-attribute recipe, or confirm the affiliate's validated discount code path.
- Agent: prove the chosen referral value appears as the paid order's validated discount or
refnote attribute. - Human: place or authorize a paid test order.
- Agent: observe the attributed conversion, then refund it and observe the proportional clawback.
iOS checklist
- Human: provide the exact bundle ID, numeric Apple app ID, environment, and App Store Connect authorization.
- Agent: call
/v1/app-store/bindor/v1/app-store/bind/deferredon first launch and persist Attribloom'sappAccountToken. - Agent: pass that UUID to every StoreKit 2 purchase and forward each ASSN v2
signedPayloadunchanged with the app's forwarding HMAC. - Human: approve the app build and App Store Connect notification configuration.
- Agent: run the sandbox and production verification chain and use the ASV diagnostics when needed.
Custom postback checklist
- Keep the surface secret in server-side secret storage.
- Implement conversion and refund requests from the OpenAPI contract.
- Sign the timestamp plus exact raw body and retry transient failures with a fresh timestamp and signature.
- Use stable
externalIdandrefundIdvalues so replays remain idempotent. - Verify full and partial refund behavior in the signed webhook guide.