diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4785e41e4..14beaeb4d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,8 +3,9 @@
 ## Unreleased
 ### Fixed
+
 - [#935](https://github.com/Shopify/shopify_api/pull/935) Fix issue [#931](https://github.com/Shopify/shopify_api/pull/931), weight of variant should be float
-- [#939](https://github.com/Shopify/shopify_api/pull/939) Hotfix for `.spin.dev` JWT validation.
+- [#944](https://github.com/Shopify/shopify_api/pull/944) Deprecated the `validate_shop` method from the JWT class since we can trust the token payload, since it comes from Shopify.
 ## Version 10.0.2
diff --git a/lib/shopify_api/auth/jwt_payload.rb b/lib/shopify_api/auth/jwt_payload.rb
index 68ece1793..867baa690 100644
--- a/lib/shopify_api/auth/jwt_payload.rb
+++ b/lib/shopify_api/auth/jwt_payload.rb
@@ -35,8 +35,6 @@ def initialize(token)
 raise ShopifyAPI::Errors::InvalidJwtTokenError,
 "Session token had invalid API key" unless @aud == Context.api_key
- raise ShopifyAPI::Errors::InvalidJwtTokenError,
- "Session token had invalid shop" unless validate_shop(shop)
 end
 sig { returns(String) }
@@ -44,9 +42,14 @@ def shop
 @dest.gsub("https://", "")
 end
+ # TODO: Remove before releasing v11
 sig { params(shop: String).returns(T::Boolean) }
 def validate_shop(shop)
- /\A[a-z0-9]+[a-z0-9\-\.]*[a-z0-9]+\.(myshopify\.(io|com)|spin\.dev)\z/.match?(shop)
+ Context.logger.warn(
+ "Deprecation notice: ShopifyAPI::Auth::JwtPayload.validate_shop no longer checks the given shop and always " \
+ "returns true. It will be removed in v11."
+ )
+ true
 end
 alias_method :eql?, :==
diff --git a/test/auth/jwt_payload_test.rb b/test/auth/jwt_payload_test.rb
index 6f1fcb4d2..7ca6bdd62 100644
--- a/test/auth/jwt_payload_test.rb
+++ b/test/auth/jwt_payload_test.rb
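Review bot: The deprecated `validate_shop` now returns `true` for every input, so any external caller that still used it as a guard on a hostname it did not get from a verified token will silently pass where it previously failed, and the only signal is a log line emitted on every call. Dropping the check from `initialize` is defensible because trust in `dest` rests on the signature and `aud` checks (the decode step is presumably earlier in `initialize`, outside the first hunk), but the method's own comment should say that rather than a bare `# TODO: Remove before releasing v11`. I would replace that comment with a `@deprecated` note along the lines of `# @deprecated The shop domain check was removed because +dest+ comes from the signed session token; the +shop+ argument is ignored and this method always returns true. Removed in v11.`. The `shop` parameter is now unused in the body, which the comment should also make explicit since the Sorbet `sig` keeps it. The body of `initialize` begins outside the hunk.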
@@ -83,15 +83,6 @@ def test_decode_jwt_payload_fails_if_not_activated_yet
 end
 end
- def test_decode_jwt_payload_fails_if_domain_is_invalid
- payload = @jwt_payload.dup
- payload[:dest] = "https://notadomain"
- jwt_token = JWT.encode(payload, ShopifyAPI::Context.api_secret_key, "HS256")
- assert_raises(ShopifyAPI::Errors::InvalidJwtTokenError) do
- ShopifyAPI::Auth::JwtPayload.new(jwt_token)
- end
- end
-
 def test_decode_jwt_payload_fails_with_invalid_api_key
 jwt_token = JWT.encode(@jwt_payload, ShopifyAPI::Context.api_secret_key, "HS256")