# Shop connection

Source: https://gokarla.io/docs/guides/resolve/shop-connection

# Shop connection

Resolve runs on top of your order data. Once your shop is connected to Karla,
every claim a customer submits is automatically tied to a real order, real
items, and the real fulfillment state — no copy-pasting, no lookups, no
ambiguity.

## What Resolve needs from your shop

To do its job, Resolve reads from the order context Karla already maintains
for tracking. Specifically:

- **Orders and line items** — to power the issue selection and let the
  customer pick which items are affected.
- **Fulfillment status and shipments** — to know whether the order is in
  transit, delivered, or stuck, and to gate flows accordingly (e.g. a "not
  received" flow that only appears once a shipment is marked delivered).
- **Customer details** — to pre-fill the resolve UI and verify identity via
  ZIP code or token.
- **Refund and replacement endpoints** — when automations are enabled, Karla
  can issue refunds or trigger replacements directly in your shop.

If your shop is already connected for tracking, Resolve has everything it
needs. If not, see [Shops](/docs/guides/shops/overview) to pick your platform
and connect.

## How customer lookup works

Customers don't sign in. Resolve identifies the order in one of two ways:

- **Order number + ZIP code** — the default. Lightweight, works for any
  customer who has the order confirmation handy.
- **Token-authenticated link** — a secure, order-scoped link that Karla
  embeds in the notifications it sends (shipping emails, tracking page URLs,
  etc.). The token tells Resolve "this visitor is authenticated for this
  specific order," which unlocks more sensitive operations.

Token lookup is enabled by default on every shop. You can also retrieve a
token-protected URL for any order through the public
[API](/docs/api-reference) and embed it in your own emails, support macros,
or post-purchase flows.

:::tip Tokens unlock more
Order-scoped actions (cancellations, address changes, and similar sensitive
flows) are reserved for token-authenticated sessions. The set of capabilities
behind the token keeps growing — anything you embed via a token-bearing link
will pick up new features automatically.
:::

## Where claims go

Once a customer submits a claim, Karla holds it as a structured record and
makes it available to you in three places:

- The **Claims** view in the [Merchant Portal](https://portal.gokarla.io) —
  filter, inspect, and export.
- Any **helpdesk or workflow tool** you've wired up — via a native
  integration or claim webhooks. See
  [Helpdesk integrations](./integrations/overview) for setup options.
- The **Karla API** — pull claims programmatically alongside the originating
  order and shipment.

## Talking to your systems

If you want Karla to deliver claims to your service desk or internal tooling,
see [Helpdesk integrations](./integrations/overview) for native connections
and webhook setup. For the payload shape, see
[Data processing](./data-processing).

A couple of operational notes that come up:

- **All traffic uses HTTPS** with TLS 1.2 or higher. Your endpoint needs a
  valid, trusted certificate.
- **Static IP egress** is available as a premium add-on if your service desk
  sits behind a firewall and you need to allow-list a fixed source. Talk to
  your account manager if you need this.