Integrations
External service integrations for Syntropy Journals. Covers Shopify (partner + consumer), auth, payments, and analytics. Updated: 2026-03-28
Entity Model: Protocol-Product Relationship
In Syntropy Health, a Protocol is the primary entity: it represents a wellness usage plan (dosage, frequency, timing, duration). A ProtocolProduct is the underlying physical item (supplement, probiotic, device) that the protocol wraps. Key distinction:
- ProtocolProduct = what you buy (a bottle of magnesium)
- Protocol = how you use it (2 capsules, twice daily, with meals, 30 days)
- UserProtocol = your commitment to follow it
- ProtocolCheckIn = did you follow it today?
Code note: The DB model is currently `Product` (table `product`). A rename to `ProtocolProduct` is planned to align with domain language. Documentation uses `ProtocolProduct` as the canonical name.
Shopify Integration Overview
Two distinct Shopify integration paths serve different roles with different permissions and data flows.
Permission Matrix
Partner App (Shopify Protocols)
| Scope | Permission | What It Accesses | Direction |
|---|---|---|---|
| `read_products` | Shopify OAuth | Product titles, descriptions, variants | Pull from Shopify |
| `write_products` | Shopify OAuth | Product metafields (`shrine_protocols` namespace) | Push to Shopify |
| `integration:read` | Journals Bearer token | Adherence stats, feedback, retention | Pull from Journals |
| `integration:write` | Journals Bearer token | Protocol CRUD (create, update, archive) | Push to Journals |
Consumer App (Individual User)
| Scope | Permission | What It Accesses | Direction |
|---|---|---|---|
| Clerk JWT | User auth | Connect/disconnect/status/sync | All |
| (No Shopify OAuth) | Via store URL only | Order line items → protocol extraction | Pull from Shopify |
MCP Server (OpenClaw)
| Scope | Permission | What It Accesses | Direction |
|---|---|---|---|
| `health:read` | Clerk JWT (OAuth 2.1) | Subscribed protocols, check-in history | Pull from Journals |
| `health:write` | Clerk JWT (OAuth 2.1) | Log check-ins, food entries | Push to Journals |
| (No Shopify access) | N/A | MCP never touches Shopify directly | N/A |
Partner Data Flow
The partner flow starts at the Shopify store and ends with anonymized analytics flowing back.
Partner API Endpoints
| Method | Route | Auth | Rate | Operation |
|---|---|---|---|---|
| POST | /api/v1/protocols | Bearer (write) | 20/min | Create protocol |
| PUT | /api/v1/protocols/{id} | Bearer (write) | 20/min | Update protocol |
| DELETE | /api/v1/protocols/{id} | Bearer (write) | 20/min | Archive protocol |
| GET | /api/v1/analytics/summary | Bearer (read) | 60/min | Partner-wide metrics |
| GET | /api/v1/analytics/protocols/{id}/adherence | Bearer (read) | 60/min | Per-protocol adherence |
| GET | /api/v1/analytics/protocols/{id}/feedback | Bearer (read) | 60/min | Anonymized feedback |
| GET | /api/v1/analytics/protocols/{id}/retention | Bearer (read) | 60/min | Completion funnel |
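The scope and rate columns above, enforced as a default-deny gate (an added example, not code from the Syntropy Journals repository). The function name `check`, the returned status codes, the per-token, per-scope 60-second window, and the choice that `integration:write` does not imply `integration:read` are assumptions.

```python
import re
from collections import defaultdict, deque

# Transcribed from the Partner API Endpoints table:
# (method, route template) -> (required Bearer scope, requests per minute).
ROUTES = {
    ("POST", "/api/v1/protocols"): ("integration:write", 20),
    ("PUT", "/api/v1/protocols/{id}"): ("integration:write", 20),
    ("DELETE", "/api/v1/protocols/{id}"): ("integration:write", 20),
    ("GET", "/api/v1/analytics/summary"): ("integration:read", 60),
    ("GET", "/api/v1/analytics/protocols/{id}/adherence"): ("integration:read", 60),
    ("GET", "/api/v1/analytics/protocols/{id}/feedback"): ("integration:read", 60),
    ("GET", "/api/v1/analytics/protocols/{id}/retention"): ("integration:read", 60),
}

def _compile(template):
    # {id} matches exactly one path segment; every other segment is literal.
    parts = [r"[^/]+" if p == "{id}" else re.escape(p) for p in template.split("/")]
    return re.compile("/".join(parts) + r"\Z")

_COMPILED = [(m, _compile(t), scope, rate) for (m, t), (scope, rate) in ROUTES.items()]
_hits = defaultdict(deque)  # (token_id, scope) -> timestamps of accepted requests

def check(token_id, token_scopes, method, path, now):
    """Return 404 (route not in table), 403 (scope missing), 429 (over rate) or 200."""
    for m, pattern, scope, rate in _COMPILED:
        if m == method.upper() and pattern.match(path):
            if scope not in token_scopes:
                return 403  # rejected before it can consume rate budget
            window = _hits[(token_id, scope)]
            while window and now - window[0] >= 60:
                window.popleft()  # drop requests older than the 60 s window
            if len(window) >= rate:
                return 429
            window.append(now)
            return 200
    return 404  # default deny: anything outside the table is refused

if __name__ == "__main__":
    print(check("demo", {"integration:read"}, "POST", "/api/v1/protocols", 0.0))  # read-only token on a write route
```
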
Partner Auth Flow
Consumer Data Flow
The consumer flow starts when an individual user connects their Shopify store to sync supplement purchases.
Consumer API Endpoints
| Method | Route | Auth | Operation |
|---|---|---|---|
| POST | /api/consumer/shopify/connect | Clerk JWT | Link store URL |
| POST | /api/consumer/shopify/sync | Clerk JWT | Trigger order sync |
| GET | /api/consumer/shopify/status | Clerk JWT | Integration status |
| DELETE | /api/consumer/shopify/disconnect | Clerk JWT | Soft-delete integration |
Shopify OAuth Flow (Partner Store Connection)
Data Privacy Boundary
Privacy rules:
- Partners only see aggregate metrics, never individual user data
- Users must opt in (`share_data_with_partner=true` on UserProtocol)
- Feedback is anonymized before partner access
- No PII (email, name, health profile) crosses the boundary
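One way to apply the four rules at the point where data leaves Journals, as an added example that is not the project's own code. Apart from `share_data_with_partner`, every field name, the `partner_view` function and the e-mail redaction step are assumptions, and the sample rows are constructed.

```python
import re
from collections import defaultdict

FEEDBACK_ALLOWED = ("rating", "comment")  # allowlist: every other field stays behind
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def partner_view(user_protocols, feedback):
    """Partner-facing payload: per-protocol aggregates built from opted-in rows only."""
    # Opt-in lives on UserProtocol; a missing or false flag means "not shared".
    shared = {(up["user_id"], up["protocol_id"]) for up in user_protocols
              if up.get("share_data_with_partner") is True}
    stats = defaultdict(lambda: {"n": 0, "done": 0, "expected": 0, "feedback": []})
    for up in user_protocols:
        if (up["user_id"], up["protocol_id"]) in shared:
            s = stats[up["protocol_id"]]
            s["n"] += 1
            s["done"] += up["checkins_done"]
            s["expected"] += up["checkins_expected"]
    for fb in feedback:
        if (fb["user_id"], fb["protocol_id"]) in shared:
            row = {k: fb[k] for k in FEEDBACK_ALLOWED if k in fb}
            # Free text can carry PII the schema cannot see: redact e-mail addresses.
            row["comment"] = EMAIL_RE.sub("[redacted]", row.get("comment", ""))
            stats[fb["protocol_id"]]["feedback"].append(row)
    return {pid: {"participants": s["n"],
                  "adherence": round(s["done"] / s["expected"], 2) if s["expected"] else None,
                  "feedback": s["feedback"]}
            for pid, s in stats.items()}

# Constructed sample rows; every field name except share_data_with_partner is assumed.
USER_PROTOCOLS = [
    {"user_id": "u1", "protocol_id": "p1", "share_data_with_partner": True,
     "checkins_done": 27, "checkins_expected": 30, "email": "ann@example.com"},
    {"user_id": "u2", "protocol_id": "p1", "share_data_with_partner": False,
     "checkins_done": 3, "checkins_expected": 30, "email": "bob@example.com"},
    {"user_id": "u3", "protocol_id": "p1",  # flag absent: treated as not opted in
     "checkins_done": 30, "checkins_expected": 30, "email": "cy@example.com"},
]
FEEDBACK = [
    {"user_id": "u1", "protocol_id": "p1", "rating": 5, "name": "Ann",
     "comment": "Better sleep. Reach me at ann@example.com"},
    {"user_id": "u2", "protocol_id": "p1", "rating": 1, "comment": "No effect"},
]

if __name__ == "__main__":
    print(partner_view(USER_PROTOCOLS, FEEDBACK))
```

Building the payload from an allowlist means a column added to the user tables later stays on the Journals side unless someone deliberately exposes it.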
Database Models
Secrets Setup (GitHub Actions → Railway)
Required secrets for CI/CD deployment. Add via Settings > Secrets and variables > Actions.
| Secret | Where to get it | Required | Setup doc |
|---|---|---|---|
| `RAILWAY_TOKEN` | Railway Dashboard → Project-scoped token | Yes | — |
| `OPENAI_API_KEY` | OpenAI Dashboard or OpenRouter | Yes | — |
| `CLERK_SECRET_KEY` | Clerk Dashboard → API Keys → Secret key | Yes | Clerk API Token |
| `STRIPE_SECRET_KEY` | Stripe Dashboard → Secret key (`sk_...`) | Yes | Stripe + Clerk Subscription, reflex-stripe README (see monorepo libs/) |
| `STRIPE_WEBHOOK_SECRET` | Stripe Dashboard → Endpoint → Signing secret (`whsec_...`) | No | Stripe + Clerk Subscription |
| `REFLEX_DB_URL` | Supabase Dashboard → Settings → Database → Connection string (Transaction mode) | Yes | — |
| `TEST_DB_URL` | Same as above, test project | No | — |
| `POSTHOG_PROJECT_API_KEY` | PostHog Dashboard → Project → Settings → API Key | No | — |
| `HUBSPOT_API_KEY` | HubSpot Developer → Private App → Access token | No | — |
| Variable | Where to get it | Setup doc |
|---|---|---|
| `CLERK_PUBLISHABLE_KEY` | Clerk Dashboard → API Keys → Publishable key (`pk_...`) | Clerk API Token |
| `STRIPE_PUBLISHABLE_KEY` | Stripe Dashboard → Publishable key (`pk_...`) | reflex-stripe README (see monorepo libs/) |
prod or test):
| Secret | Scope | Why scoped |
|---|---|---|
| `RAILWAY_TOKEN` | Per environment | Different Railway project tokens for test vs prod |
| `REFLEX_DB_URL` | Per environment (recommended) | Different Supabase projects for test vs prod |
Drift cleanup: `deploy_railway.sh` deletes Railway variables not in `envs/template` or `envs/template.railway`. Set `DRY_RUN=true` to preview.
Integration Docs
| Document | Description |
|---|---|
| Shopify Protocol Sync | Cross-app data flow, metafield schema, sync tracking |
| Stripe + Clerk Subscription | Payment processing, subscription tiers, Clerk metadata |
| Clerk API Token & Passcode | API tokens, 6-digit passcodes, external app integration |
| Junction Wearables | Wearable health scoring via Junction API |
| Call Logs API | Directus-based call log ingestion pipeline |
| Amazon Affiliate | Product Advertising API integration |
| Google Tag Manager | Analytics and tracking setup |
| Integration Roadmap | Wearable, CGM, EHR, purchase intelligence roadmap |