Authorization API error - The application isn't configured with roles

[marconline]

After creating the client needed for invoking your new APIs, we are trying to convert our customers' existing MWS tokens to SP-API ones, using your provided call authorization/v1/authorizationCode. We get this error back: "Invalid Input - The application isn't configured with roles".

I wrote to the Developer Support and they told me that this error was caused by the fact that our application was still under review and that 10 business days would have been needed in order to be unlocked. We received the confirmation email from Amazon on the 15th of May. We still see that the application updates have been approved and waiting for publishing. So this call is still not working. Yesterday I wrote again to the Developer Support and they told me that, in order to have access to MWS (!!!) I need to have a paid Seller account. Please consider that:

1. our main developer account, the one were our MWS application was first created, was opened by Amazon in 2009. Few years ago, this account was DELETED by Amazon (without any prior notice!) and we totally lost control of our application that disappeared from everywhere. Our application was used and is currently used by thousand of sellers worldwide.
2. after getting in touch with MWS team, they succesfully linked our old application to a different Amazon account (the one I'm using to write to Developer Support). After doing that, our application come back again in our Seller Central and was finally visible in the Seller App Store. Our application is still currently used by thousand of sellers worldwide and new seller succesfully link their seller account to our application, so this application is working.
3. we have been audited by Deloitte and Amazon on our application about handling of PII. The auditing process has been succesfully completed, after months of paperwork.

But... We cannot still migrate our old MWS tokens to the new ones and I don't know why, nor I receive a correct support in order to understand WHY and WHAT to do to solve this problem. I'm really starting being a little bit tired and frustrated about this situation. I want this to be solved by Amazon in some way. I want to understand where is the problem and how to quit from this black hole.

You, Amazon, are requiring your developers to migrate to the new SP-APIs before the end of September. We are in June. I agree with you and I'm more than happy that you are revamping your API layer, but you must to give support to your developers. We are stuck. If we cannot migrate our old MWS tokens to the new SP-API ones, we will need to ask our customers to reauthenticate and this will be impossible for us.

Can please somebody in Amazon contact me and guide me EXACTLY on what is needed in order to have our application up and running and correctly linked and available for us and our customers? Please.

[marconline]

This issue has been resolved as soon as our application has been succesfully authorized by Amazon. Thanks.

[VasylKolomiiets]

Hi. I am stuck with similar issue. I am trying to use Hybrid MWS SP API .

If You use Python - please share your code snippet for get authorization code in exchange for MWS token . Or at least share - what headers are needed? . which of possible secret keys or token are used to sign such API call - request. we consider one of the following: AWS secret, LWA secret, STS secret STS token ... or may be something else? . Thanks a lot!

[marconline]

@VasilijKolomiets read my article here: https://marco-tibaldeschi.medium.com/amazon-sp-api-auth-auth-demystified-ab3bc746729b