In many cases we see the checkout link being generated with the domain. This causes issues. If you do this you can expect the following...

  1. High % of direct traffic. Even though you can set up cross domain tracking, you can't control the thank you page that 3rd party payments are sending traffic back to. They will use this domain.

  2. Domain verification issues in Facebook. With iOS14.5, FB now requires you to authenticate ownership of a domain in order for events to be processed for the new aggregated events measurement. We don't believe you can authenticate a domain.

  3. Affiliates or other third party trackers that rely on passing cookies. Most cookie data can only be set and shared on the same top level domain. When a user navigates to domain they will lose the data that the trackers rely on. This typically leads to poor attribution.

You should be able to avoid all these issues by simply posting your request to shop.[websitedomain].com/api/graphql instead. This may also be a good time to start using API version to ensure the API does not change unexpectedly by using shop.[websitedomain].com/api/2021-07/graphql.