Connecting third-party apps

Mechanic's built-in integrations cover popular services like Slack, Airtable, and Google Sheets — but they're just the beginning. Mechanic can connect to virtually any service that offers an HTTP API or outbound webhooks, making it a universal automation hub for your Shopify store.

Built-in integrations at a glance

OAuth-managed integrations

These integrations are authenticated via Settings > Authentication in Mechanic, so you don't need to manage API keys yourself.

Webhook-based integrations

These integrations push events into Mechanic automatically. Configure them to send data to a Mechanic webhook URL.

Connecting apps without a built-in integration

Any app with an HTTP API or webhook support can be connected to Mechanic using two general patterns: receiving data (ingress) and sending data (egress).

Receiving data from external apps

Webhooks

Most third-party apps can send outbound webhooks. Create a webhook in Mechanic (Settings > Webhooks), then point the external app at the resulting URL. Incoming data arrives as a user/ event that your tasks can subscribe to.

Scheduled polling

For apps that don't support outbound webhooks, use a scheduler subscription (e.g. mechanic/scheduler/hourly) paired with an HTTP action to pull data on a schedule.

Inbound email

Some services can send data via email. Mechanic can receive and process inbound emails as events. See Receiving email.

Sending data to external apps

HTTP action

The HTTP action supports GET, POST, PUT, PATCH, and DELETE requests with custom headers, authentication, and request bodies. It handles JSON, form-encoded, and multipart payloads.

FTP action

The FTP action uploads files to external SFTP and FTP servers — useful for EDI integrations, bulk data feeds, and partners that accept file drops.

Files and cache endpoints

Generate files (PDFs, CSVs, ZIPs) using file generator actions, then make them available at a public URL via cache endpoints for external services to fetch.

Handling authentication

Most third-party APIs require authentication. The HTTP action supports several common methods:

• API key / token in headers — The most common approach. Add an Authorization or custom header with your API key.

• Basic auth — Supported natively by the HTTP action. Supply a username and password.

• Query string tokens — Some APIs accept a key as a URL parameter.

Example: Connecting a subscription app

This example shows how to connect a subscription management app (like Recharge or Appstle) that has its own API and webhook support.

Receiving subscription events

1. In Mechanic, go to Settings > Webhooks and create a new webhook — for example, named recharge.

2. Copy the webhook URL and configure it in the subscription app's webhook settings.

3. Create a Mechanic task subscribed to the resulting event topic (e.g. user/webhook/recharge).

Calling the subscription app's API

Use the HTTP action with an API key header to call the app's API:

Updating Shopify in response

Combine the external API call with Shopify actions to keep your store in sync:

Limitations and best practices

• No arbitrary OAuth — Interactive OAuth authorization flows are only available for built-in integrations. For other services, use API keys or tokens.

• Execution limits — Mechanic tasks run within memory and time limits. For large data sets, use bulk operations or paginated polling.

• Validate webhook payloads — When receiving data from external services, consider securing your Mechanic webhooks to verify authenticity.

Next steps

• Browse the task library for existing integrations with third-party services

• I need something custom! — Get help building a custom integration

• Join the Mechanic Slack community to ask questions and share solutions