Administration / Workers / Deploy Workers
Cloudflare Workers

Deploy Workers

Build and publish Worker scripts directly to Cloudflare

3 Workers 2 Active Bindings 1 Stub
worker-proxy LIVE
Edge proxy · KV/D1 + Secrets Store

Resolves hostname → storefront via KV (D1 fallback), decrypts the Storefront Access Token inline using AES-256-GCM envelope encryption, then forwards GraphQL to Shopify. Writes audit rows to D1. Requires bindings D1_SHOPIFY, KV_SHOPIFY, and KEK_SHOPIFY_TOKEN from the Secrets Store.

D1_SHOPIFY KV_SHOPIFY KEK_SHOPIFY_TOKEN Secrets Store
log
worker-admin STUB · 503
Provisioning stub · no bindings

Admin provisioning worker — currently disabled. Returns 503 worker-admin is not active for all requests. Deploy this to push the disabled stub to Cloudflare and block the route until the worker is fully implemented.

No bindings required
log
worker-encryption CRYPTO
Envelope encryption · service binding only

Envelope encryption worker. Exposes /wrap, /unwrap, /rotate, and /rotate-kek via service binding only — not reachable over public HTTPS. KEK_<kid> worker secrets must be set separately via wrangler or the Cloudflare dashboard after deployment.

KEK_<kid> service-binding-only AES-256-GCM
log
Shopify Headless Storefront Proxy  ·  Cloudflare Workers
An unhandled error has occurred. Reload 🗙

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.