amzn / selling-partner-api-models

This repository contains OpenAPI models for developers to use when developing software to call Selling Partner APIs.
Apache License 2.0
612 stars 739 forks source link

Need help on how to get started with hybrid app #1307

Closed mzeyen closed 2 years ago

mzeyen commented 3 years ago

Hello,

at the moment we are using MWS without an "real" app in the Marketplace. We have some kind of dummy at with the current Status:

"Published Current edit is in draft"

Our merchants/sellers authorizes our Developer account via the seller central to be eligable to access there MWS data.

This done in seller central via: "Manage Your Apps -> Authorize new Developer"

With the provided data from the seller (SellerID and MWSAuthToken) and our developer account data we are then able to make calls to the MWS endpoints.

How can we setup the hybrid enviorment to be able to start with creating the authorization workflow needed.

Will it still be possible for sellers to use the "Authorize new Developer" button on the "Manage your Apps" page to give the developer access.

Kind Regards, Maik

vikingcodes commented 3 years ago

@mzeyen Go to seller central and create new app with App type ="MWS SPAPI". You existing seller still use your MWS app. When you create hybrid app , it will not impact on existing users.

After create new app , select required permission carefully.

Yes, your seller still can Authorize new developer to you. If you created hybrid app.

But for make SP-API call on behalf of sellers, you need migrate MWS to SPAPI.

marconline commented 3 years ago

@mzeyen I quote what @vikingcodes wrote. If you need help with Auth & Auth, since in my opinion is a little bit though, here you find an article that I wrote: https://marco-tibaldeschi.medium.com/amazon-sp-api-auth-auth-demystified-ab3bc746729b

vikingcodes commented 3 years ago

@mzeyen Have a look into Awesome SAPAPI it will help you to find out useful resources.

marconline commented 3 years ago

Thanks for adding my article @vikingcodes

hrhearn7 commented 3 years ago

@vikingcodes Thank for the article. I am stuck at the re-direct URI. Is it suppose to be here or define it here?...."at least one OAuth Redirect URI (defined in the “App Registration” section, reachable by clicking the “Edit” button)" I am doing the workflow version and in a draft state. I tested like below: https://sellercentral.amazon.com/apps/authorize/consent?application_id=amzn1.sp.solution.XXX&version=beta And it gets to the cosent page. But once you click the button to "GO TO XXX" - there is not redirect. Is it because I am still in draft mode?

marconline commented 3 years ago

@hrhearn7 there is a bug on Amazon's interface (or into the documentation). Add also the OAuth Login URI in order to make it work. I had to dump into their JS to get it.

hrhearn7 commented 3 years ago

@marconline I have seen in other posts to add the redirect in the uri like below - I am so confused - lol

https://sellercentral.amazon.com/apps/authorize/consent?application_id=amzn1.sellerapps.app.2eca283f-9f5a-4d13-b16c-474EXAMPLE57?redirect_uri=https://d2yzyfnnpjylxu.cloudfront.net/landing.html&amazon_state=amazonstateexample&state=-37131022&version=beta

marconline commented 3 years ago

@hrhearn7, yes, your link is correct. I meant in the application details on the Amazon Seller Central portal. app

hrhearn7 commented 3 years ago

Forgive me for asking this... I feel really silly, but in the URI "OAuth Login URI "- do I need to specify the "?redirect_uri=https:?"...like below (which I do not know the redirect) https://sellercentral.amazon.com/apps/authorize/consent?application_id=amzn1.sellerapps.app.2eca283f-9f5a-4d13-b16c-474EXAMPLE57?redirect_uri=https://d2yzyfnnpjylxu.cloudfront.net/landing.html&amazon_state=amazonstateexample&state=-37131022&version=beta

Or just put https://sellercentral.amazon.com/apps/authorize/consent?application_id=amzn1.sp.solution.xxxxx&version=beta and the OAuth Redirect URI leave blank?

vikingcodes commented 3 years ago

I think OAuth Redirect URI is consider for security reason. If you leave blank then Amazon will not consider Referrer URI.

charliecode commented 3 years ago

@hrhearn7 The OAuth Login URI is used for the Marketplace Appstore Workflow, Step 1. The seller initiates authorization from the Marketplace Appstore. Once your app is approved by Amazon and published on the Marketplace Appstore a person can be redirected from the Appstore to your app.

charliecode commented 3 years ago

@hrhearn7 Also, yes. You'll want to add the redirect_uri param directly to the URL. If you do not then the redirect will default to the first OAuth Redirect URI if there are multiple.

rugved1991 commented 3 years ago

Hi @hrhearn7,

The login and redirect URLs are custom URLs created for your application to handle the OAuth flow. You can use any HTTPS URLs in the login and redirect URLs. The sellers will be redirected to the appropriate URLs based on their registration status with your application. If a seller is not registered with your app, they would be redirected to the login URL. If the seller is registered, they would be redirected to the redirect URL after providing consent to your application. The redirect URL is the one where you would receive the spapi_oauth_code and the selling_partner_id for each seller. You will need to have logic on your redirect page to fetch these values for the next steps.

https://sellercentral.amazon.com/apps/authorize/consent?application_id=amzn1.sellerapps.app.2eca283f-9f5a-4d13-b16c-474EXAMPLE57?redirect_uri=https://d2yzyfnnpjylxu.cloudfront.net/landing.html&amazon_state=amazonstateexample&state=-37131022&version=beta

This URL is the OAuth URL which will initiate the authorization for a seller. You should only use the redirect_uri param if you have multiple redirect URLs configured on your application.

Thanks, Rugved Solutions Architect, SP API

hrhearn7 commented 3 years ago

@rugved1991 I put this in (as draft mode and beta). Is this correct? Because when I press button on consent page- nothing hits the redirect. No code there yet just checking if it gets hit.

image

hrhearn7 commented 3 years ago

@rugved1991 - I was able to get spapi_oauth_code and the selling_partner_id

abdulrehmanGtech commented 3 years ago

please someone help me about OAuth selling partner api i am search for this amzn1.sellerapps.app.xxxx... i have not clue where to find it ??

github-actions[bot] commented 2 years ago

This is a very old issue that is probably not getting as much attention as it deserves. We encourage you to check if this is still an issue after the latest release and if you find that this is still a problem, please feel free to open a new issue and make a reference to this one.