Closed vazmin closed 3 years ago
I'm also looking for the answer.
@vazmin : in past (using MWS) they needed to authorize twice. I don't know exactly in SP-API, but I guess it's the same, since the Authorization URL changes. The rate, at least in the past, was a combination of seller and application, so - since they were two different users (even if they were on the same account), they were indipendent. Hope this is the same for SP-API.
@marconline
I tried to use the authorization of a store in North America to request data in Europe, but it didn't deny me access. It returned the payload of an empty list normally.
After authorized by the US store, you can see the authorization information in my application list, but you can't find the authorized application information after switching to Mexico or Singapore.
I didn’t find the relevant clear instructions, nor did I have enough data to verify, only the existing data was guessed, and the results were a bit ambiguous, which made me feel confused.
I really don't know. On the docs there is just this sentence: Important. If you have a hybrid Selling Partner API applications, your calls to Amazon Marketplace Web Service (Amazon MWS) endpoints have the same restrictions as an Amazon MWS application. That is, when you call an Amazon MWS endpoint, you must use Amazon MWS Access Keys associated with the region that the endpoint comes from.
So it seems that:
Who knows! I'll discover as soon as we migrated some of our customers. I'll keep you posted.
@marconline Looking forward to your good news.
I don't know much about MWS. Do I need to authorize twice or three times in North America, Europe and the Far East?
SP API has two authorization endpoints, one in exchange for tokens, and three regional endpoints.
@vazmin Yes, with MWS you need to authorize twice or three times, even because application ids are different for each region. But I supposed that the SP-API token was different as well for each of the three regions as well. I'll let you know.
Hi @vazmin, right now I can tell that the MWS Token behavior it's the same as before (i.e. 1 token for the same region, while different for different regions). I will get into this more in the next days, will keep you posted on my discoveries.
@vazmin Amazon oauth_code, refresh_token and access_token valid for a region.
Amazon post following parameters to your return_uri in hybrid app case.
mws_auth_token=amzn.mws.7cbb909e-yiiss-3333 spapi_oauth_code=ANSeLgKaDneaSVGeqBRuDj&state=Test selling_partner_id=A36ECEDAZHEJK6
You need Exchange oauthcode with refresh_token and access_token.
@vikingcodes, sounds good because it reflects what's the actual behavior on MWS. But there is a strange thing: how is it possible that @vazmin suceeded in calling the EU endpoint using a NA token? Isn't it a strange behavior?
@marconline It's not possible. I tested that many times. I will try that flow today again. Will confirm with you.
@vikingcodes , oh nice! Thanks, I'll test tomorrow as well with a EU token going on NA endpoint and will double check. Thanks
getting the following error when using NA acess_token to access EU API .
{ "errors": [ { "message": "Access to requested resource is denied.", "code": "Unauthorized", "details": "" } ]
getting the following error when using NA acess_token to access EU API .
{ "errors": [ { "message": "Access to requested resource is denied.", "code": "Unauthorized", "details": "" } ]
Using an access token will definitely be rejected. Have you tried to use refresh_token to get access tokens in different region to access again?
Have you modified the region of AWSAuthenticationCredentials
?
@vazmin , there is no marketplace / region connection when you refresh token, as far as I know. So the link between token and marketplace / region is probably written inside the token. This means that a seller, selling on multiple regions (eg. EU and NA) will have to authorize you at least twice, as he does today with MWS. @vikingcodes , is my assumption correct?
@marconline You received an authentication code when amazon posts parameters to app's return_URI.
That means posted parameters belongs specific to any regions
mws_auth_token=amzn.mws.7cbb909e-yiiss-3333 spapi_oauth_code=ANSeLgKaDneaSVGeqBRuDj&state=Test selling_partner_id=A36ECEDAZHEJK6
Later you exchange that authentication code to refresh the token.
But it still belongs to specific regions.
But if you exchanging authentication code to another region's refresh token then you will receive the following error
{ "error_description": "The request has an invalid grant parameter : code", "error": "invalid_grant" }
Re-run the previous test case found that it could not pass
If the seller has stores in two regions, does it need to be authorized separately on https://sellercentral.amazon.com and https://sellercentral-europe.amazon.com ?
If multiple authorizations are required, is the rate shared or independent?