Using the same SP API developer on different Seller accounts

[bm-lucas]

I currently manage the integrations with different Seller accounts using the old MWS Api. These integrations share the same developer account, so I use the same pair of access-secret and a different mwsAuthToken for each Seller.

I've managed to successfully configure, on one of the Sellers (SELLER_1), the new SPApi integration. I followed the Self Authorization workflow and I am now able to correctly authenticate and perform Api calls on SELLER_1. Note that I left the app in draft, since the doc clearly states that "You can self authorize your application in draft state; there is no reason to publish your self-authorized application to the Marketplace Appstore.".

I am now trying to use the same developer account and the same app to perform SPApi calls on a different SELLER_2, using the Authorization Api.

To do this, I call the https://api.amazon.com/auth/o2/token endpoint with the following payload:

{    
     "grant_type": "client_credentials",
     "client_id": ** LWA clientId from the app on the working SELLER_1 account ** ,
     "client_secret": "***",
     "scope": "sellingpartnerapi::migration"
}

And this gives me a LWA access_token, that I am then using to call the Authorization Api, passing it the SELLER_2 id and the MwsAuthToken that I am already using to call MWS. I get the following error:

{ "code": "InvalidInput", "message": "A published application with the provided app-id not found", "details": "" }

So it seems to me that the SELLER_2 cannot find the app I created, since I have not published it. I have no reason to publish the app on the Marketplace Appstore, so I'd prefer to leave it in draft.

Am I missing something here? Is there a way that I can keep using the same developer on different Seller accounts without having to publish my app on the Marketplace Appstore?

[vikingcodes]

@bm-lucas Your main objective call SPAPI behalf on other seller.

Its not possible on draft mode , its only possible when application publish on appstore.

FYI: Right now you generating access token , and can be only for self authorization.

For call API on behalf of other seller you need following.

1. Generate access token
2. Generate authorizationCode
3. Exchange LWA authorization with refresh token
4. Generate access token
5. Call API like Order API / report API

[ShivikaK]

Hello @bm-lucas

Thank you for raising this issue.

The Authorization API can only be used with a published hybrid application. But you can test authorization workflow for seller accounts by following the website workflow steps provided in the Developer Guide -

https://github.com/amzn/selling-partner-api-docs/blob/main/guides/en-US/developer-guide/SellingPartnerApiDeveloperGuide.md#authorizing-selling-partner-api-applications

The major difference will be that your OAuth Authorization URI should have the flag version=beta as it is your draft application that is being authorized by the seller accounts.

Please refer to below documentation for further details -

https://github.com/amzn/selling-partner-api-docs/blob/main/guides/en-US/developer-guide/SellingPartnerApiDeveloperGuide.md#website-workflow

Thanks, Shivika Khare Selling Partner API Developer Support

[bm-lucas]

Thank you for your answers.

But is it possible to publish the application as "private"? I still miss the need to have a public application published in the AppStore if my only need is to make API calls on just two Sellers.

[BoyOhu]

Hi,Whether we can obtain the data of the designated authorizer, what we have seen so far is based on the region without distinguishing the authorizer. @ShivikaK

[ShivikaK]

Hello @bm-lucas

There is no functionality to have the application published as "Private" in Appstore.

You can either have the two sellers authorize your draft state application based on my suggested steps but if you want to use Authorization API to get seller authorizations for SP API, you will need to have the app published.

Please let me know if you have further questions or concerns.

Thanks, Shivika Khare Selling Partner API Developer Support

[ShivikaK]

Hi,Whether we can obtain the data of the designated authorizer, what we have seen so far is based on the region without distinguishing the authorizer. @ShivikaK

Hello @BoyOhu

Can you please elaborate on your question?

Thanks, Shivika Khare Selling Partner API Developer Support

[BoyOhu]

Hi,Whether we can obtain the data of the designated authorizer, what we have seen so far is based on the region without distinguishing the authorizer. @ShivikaK

Hello @BoyOhu

Can you please elaborate on your question?

Thanks, Shivika Khare Selling Partner API Developer Support

Helllo @ShivikaK For example, if there are multiple authorizers under one SP developer account, how can we obtain the data of the designated authorizers separately? Thanks BoyOhu

[ClementeGao]

@bm-lucas can you give me your email address? i want to ask you some question

[ClementeGao]

@ShivikaK can you share your email address? i have some question to ask you thank you

[jiangdi0924]

same issue ,OP has fixed it ?

[mohit11115]

Were you able to ever solve this or find a solution?

We also have a private app that needs to be authorized by a limited number of sellers, but self-authorization is giving "Unable to find application" error.

Will using the Tokens API solve this?

Is there any other way out of this?

[AmandeepSingh179]

@BoyOhu were you able to find any solution. Facing the same issue here. @ShivikaK

[github-actions[bot]]

This is a very old issue that is probably not getting as much attention as it deserves. We encourage you to check if this is still an issue after the latest release and if you find that this is still a problem, please feel free to open a new issue and make a reference to this one.

[github-actions[bot]]

closed for inactivity

[chadsaun]

I ran into this same issue and figured out to solve it in my situation which seems appropriate here.

I manage two different seller accounts for a business. We just added the second account and want to include it in our integration.

For our SELLER_1 account we have also setup an app in "draft" status since it's a private app for our business.

I have now authorized SELLER_1 account to connect to Amazon's SP API on behalf of SELLER_2 account.

To do this, you need to "authorize your application to access a different selling partner account". The instructions can be found in Amazon's documentation under "To self-authorize your application (seller application)"

The key here isn't to just authorize your app. In my case, this was already done a long time ago when I created the app for SELLER_1 to use the API. You need to click, at the bottom of the page, choose sign in to that account.

Here are my instructions:

1. Log into Seller Central
2. Menu → Apps and Services → Develop Apps
3. On the Action button for the app select the drop down menu and click on Authorize
4. Click the Authorize App button for the appropriate Marketplace
5. On the Authorize application page, at the bottom of the page, choose sign in to that account.
6. On the Seller Central sign-in page, sign in using the credentials for the selling partner account that you want your application to access.
7. On the Authorize application page, choose Authorize app to get a refresh token.

Once you have this refresh token, then all you need to do is use this refresh token whenever you want to call the API for SELLER_2 account. All the other credentials should stay the same as your SELLER_1.

In my case, my credentials would follow this dictionary structure and then just use the appropriate refresh token based on which seller account you want to use.

{
    'refresh_token': refresh_token,
    'lwa_app_id': os.getenv(f"LWA_APP_ID"),
    'lwa_client_secret': os.getenv(f"LWA_CLIENT_SECRET"),
    'aws_access_key': os.getenv(f"SP_API_ACCESS_KEY"),
    'aws_secret_key': os.getenv(f"SP_API_SECRET_KEY"),
}

[sdepablos]

@chadsaun Amazing, that's exactly what a lot of us need. Have a single developer account, and a single app, but authorize multiple selling accounts

1. Apps and services > Develop apps in the account where you have the developer profile,
2. In your private app, Action > Edit App > Authorize
3. At the bottom of the authorizations, "sign in to that account"
4. Access with an account that has access to your other selling accounts (in my case, a secondary account that has access to ALL the other accounts)
5. You can authorize all the different accounts (i.e. here the EU region appears multiple times, one for each account)