amzn / selling-partner-api-models

This repository contains OpenAPI models for developers to use when developing software to call Selling Partner APIs.
Apache License 2.0
618 stars 741 forks source link

fba/inventory/v1/summaries 403 error #1395

Closed defenderjim closed 3 years ago

defenderjim commented 3 years ago

https://sellingpartnerapi-na.amazon.com/fba/inventory/v1/summaries

Anyone else having issues accessing this endpoint?

I am able to access other endpoints, no problem. I checked that access was granted in Seller Central.

Header: Content-Type=application/json

I am performing a GET to: https://sellingpartnerapi-na.amazon.com/fba/inventory/v1/summaries?MarketplaceIds=ATVPDKIKX0DER&granularityType=Marketplace&granularityId=ATVPDKIKX0DER1

With the response: Access to requested resource is denied. Unauthorized

jimmy-ross-xapix commented 3 years ago

i also cant access it despite having all roles enabled. I thought it might be because the store Im working on is in EU and the documentation indicates it will be released in EU at some point in "2021"...

But have not had confirmation on this either...

defenderjim commented 3 years ago

Docs do say EU not available yet. Hopefully soon! But I think the docs meant to say, "Not Available Anywhere"! ;)

defenderjim commented 3 years ago

Working! It turns out when you change permissions in Seller Central, you have to gen a new Refresh Token.

yizeku commented 3 years ago

Hi @defenderjim !

How did you solve this problem? I also encountered the same issues.

Thanks.

defenderjim commented 3 years ago

@hongtao0770 Clarify the issue you are having, I'll see if I can help.

yizeku commented 3 years ago

Error 403 is reported. The signature failed, but the call to orders/v0/orders succeeded. What is the reason?

https://sellingpartnerapi-na.amazon.com/fba/inventory/v1/summaries?details=false&granularityType=Marketplace&granularityId=ATVPDKIKX0DER&marketplaceIds=ATVPDKIKX0DER

Return signature error.

defenderjim commented 3 years ago

The endpoint won't work if the signature isn't right. What is the actual response?

yizeku commented 3 years ago

{ "errors": [ { "message": "The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

The Canonical String for this request should have been 'GET /fba/inventory/v1/summaries details=false&granularityId=ATVPDKIKX0DER&granularityType=Marketplace&marketplaceIds=ATVPDKIKX0DER host:sellingpartnerapi-na.amazon.com x-amz-access-token:Atza|IwEBIF0vKKzwLVd_y5mnOA1TVDqWpU2W2DBYJJf947cOOmOvtMt9ILk9gKQfy-BE1p14Z2N7mKpCvqfVvqKb3YNjqOD3ielcDqPXtKk15D66Dv2a0eJETF9PcYninbskz-8v1e-wTbIcJVZpyKd-pg_v715V2tS9J-2zurwM4jYa4lbEWc2gEWhmp0VG7maQZEqrNYGak8RXXV5ak6ZtMfxE99j-dNYxbGmZh9JCQBIBd7DbUMFXa5gj2fV5T2F1lkpnIjOEMxv........ x-amz-date: 20210827T152846Z x-amz-security-token:FwoGZXIvYXdzEFEaDCEcDnkTjFQNXnkffSLIAUvDI7z9N+B6aDu8fPZokp8114/jQvICA3xHEK+UtnLFnls2yEd8dISwmqED7n6cI/f5mQxu+SGLWFxUF20SQGcwEbZ8JR8Bv4UCvvhpN/pl6s/6YfvtUnsHz8p+utH06C484S0sTl0W8KmBEakNmiSOnm+ZFy67aq6GJ4QQkHLVBwO901z+Vfj/QeuET7pFF8bkZlYYKw4w74dRyna3EpNSUcE6mKJpw4LalFrXnj7jyWa6nmWlhlkObrxUWybr7fdHCGRAp+/gKK2JpIkGMi0B.............

host;x-amz-access-token;x-amz-date;x-amz-security-token e3b0c44298fc1c149afbf4c8996fb92427ae41e...... The String-to-Sign should have been 'AWS4-HMAC-SHA256 20210827T152846Z 20210827/us-east-1/execute-api/aws4_request 86355f2253d02f01dbdca0d8a31d3d77f473f894cade6466....' ", "code": "InvalidSignature" } ] }

defenderjim commented 3 years ago

Edit this post and remove the tokens.

yizeku commented 3 years ago

Remove x-amz-access-token and x-amz-security-token?

defenderjim commented 3 years ago

Amazon supplied java and c# libraries, available on GitHub to sign the request. I use that. I don't know if they have since fixed it, but there is a bug in the C# version where you need to perform an assume role. It's in the java code, but not the c# code. Are you using one of these libs?

defenderjim commented 3 years ago

Remove x-amz-access-token and x-amz-security-token?

Not in your code, in the post for security reasons.

yizeku commented 3 years ago

I use C#

yizeku commented 3 years ago

I think there should be no problem with signing, because it can call the API of the order, but I don't know why.

defenderjim commented 3 years ago

The Amazon error response is useless. It will tell you there is a signature error when it doesn't like one of the parameters you provided. For instance, the MarketplaceId parameter is inconsistent, and is capitalized differently and is sometimes singular or plural throughout the docs.

If you want working code, I can point you to that.

yizeku commented 3 years ago

Can you show me your c# code or Java?

I have another question: image

Do you know how to save this file?

defenderjim commented 3 years ago

About the file, I don't understand. Not enough info.

For c# code, go here: https://sellercentral.amazon.com/forums/t/configuring-the-c-sdk-for-the-selling-partner-api/718563/37 Look at the Dec 20, May 18, and June 30 posts.