amzn / selling-partner-api-models

This repository contains OpenAPI models for developers to use when developing software to call Selling Partner APIs.
Apache License 2.0

[BUG] Create destination request always response forbidden #1682

Closed renzhedj1984 closed 3 years ago

renzhedj1984 commented 3 years ago

I created a destination to SQS, but the response is always Forbidden:

com.amazon.spapi.client.ApiException: Forbidden

I followed https://github.com/amzn/selling-partner-api-docs/blob/main/guides/en-US/use-case-guides/notifications-api-use-case-guide/notifications-use-case-guide-v1.md step by step to configure my SQS queue:

  1. The region selected in the policy is us-east-1. The owner is my IAM account name, jona. Other: set Effect to Allow. Set Principal to 437568002678. Set Actions to SendMessage and GetQueueAttributes.

```json
{
  "Version": "2008-10-17",
  "Id": "default_policy_ID",
  "Statement": [
    {
      "Sid": "owner_statement",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::xxxxxxxx:user/jona" },
      "Action": "SQS:*",
      "Resource": "arn:aws:sqs:us-east-1:xxxxxxxx:SQS_Study"
    },
    {
      "Sid": "437568002678",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::437568002678:root" },
      "Action": [ "sqs:GetQueueAttributes", "sqs:SendMessage" ],
      "Resource": "arn:aws:sqs:us-east-1:xxxxxxx:SQS_Study"
    },
    {
      "Sid": "__receiver_statement",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::xxxxxx:role/SellingPartnerRole" },
      "Action": [ "SQS:ChangeMessageVisibility", "SQS:DeleteMessage", "SQS:ReceiveMessage" ],
      "Resource": "arn:aws:sqs:us-east-1:xxxxxx:SQS_Study"
    }
  ]
}
```

And this is my Java code:

```java
// Destination pointing at the SQS queue
CreateDestinationRequest body = new CreateDestinationRequest();
body.setName("sqs test");
DestinationResourceSpecification destinationRsn = new DestinationResourceSpecification();
SqsResource sqsResource = new SqsResource();
sqsResource.setArn("arn:aws:sqs:us-east-1:xxxxxxxx:SQS_Study");
destinationRsn.setSqs(sqsResource);
body.setResourceSpecification(destinationRsn);

AWSAuthenticationCredentials awsAuthenticationCredentials = AWSAuthenticationCredentials.builder()
        // IAM user's accessKeyId
        .accessKeyId("xxxxxx")
        // IAM user's secretKey
        .secretKey("xxxxxx")
        .region("us-east-1")
        .build();

AWSAuthenticationCredentialsProvider awsAuthenticationCredentialsProvider = AWSAuthenticationCredentialsProvider.builder()
        .roleArn("arn:aws:iam::xxxxxxxx:role/SellingPartnerRole")
        .roleSessionName("sc-sp-api-2")
        .build();

// LWA credentials built with a refresh token
LWAAuthorizationCredentials lwaAuthorizationCredentials = LWAAuthorizationCredentials.builder()
        .clientId("amzn1.application-oa2-client.xxxxxxxx")
        .clientSecret("xxxxxxxxx")
        .refreshToken("xxxxxxxxxx")
        .endpoint("https://api.amazon.com/auth/o2/token")
        .build();

NotificationsApi api = new NotificationsApi.Builder()
        .awsAuthenticationCredentials(awsAuthenticationCredentials)
        .lwaAuthorizationCredentials(lwaAuthorizationCredentials)
        .awsAuthenticationCredentialsProvider(awsAuthenticationCredentialsProvider)
        .endpoint("https://sellingpartnerapi-na.amazon.com")
        .build();
```


So I want to know what is wrong with my code or settings.

hkncnr07 commented 3 years ago

Creates a destination resource to receive notifications. The createDestination API is grantless. For more information, see "Grantless operations" in the Selling Partner API Developer Guide.

You don't need to send a refresh token. You need to send scopes for grantless operations.

renzhedj1984 commented 3 years ago

> Creates a destination resource to receive notifications. The createDestination API is grantless. For more information, see "Grantless operations" in the Selling Partner API Developer Guide.
>
> You don't need to send a refresh token. You need to send scopes for grantless operations.

Thanks a lot. I have read https://github.com/amzn/selling-partner-api-docs/blob/main/guides/en-US/developer-guide/SellingPartnerApiDeveloperGuide.md#Connecting-to-the-Selling-Partner-API-using-a-generated-Java-SDK carefully, and use:

```java
import com.amazon.SellingPartnerAPIAA.LWAAuthorizationCredentials;
import static com.amazon.SellingPartnerAPIAA.ScopeConstants.SCOPE_NOTIFICATIONS_API;
import static com.amazon.SellingPartnerAPIAA.ScopeConstants.SCOPE_MIGRATION_API;

LWAAuthorizationCredentials lwaAuthorizationCredentials = LWAAuthorizationCredentials.builder()
        .clientId("myClientId")
        .clientSecret("myClientSecret")
        .withScopes(SCOPE_NOTIFICATIONS_API, SCOPE_MIGRATION_API)
        .endpoint("https://api.amazon.com/auth/o2/token")
        .build();
```

Now it is working!
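The fix in this thread comes down to which grant the Login with Amazon token request carries. The following stand-alone Java program is an added example, not code from the thread or from the SDK: it builds the form-encoded token request body for the grantless case (scopes) and for the seller-authorized case (refresh token) and rejects a mix of the two. The class name, method name and credential values are hypothetical placeholders, and the `grant_type` and scope strings are the documented LWA values for SP-API, assumed here.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

public class LwaTokenRequestDemo {
    // Documented LWA scope for the Notifications API (assumed to match SCOPE_NOTIFICATIONS_API).
    static final String NOTIFICATIONS_SCOPE = "sellingpartnerapi::notifications";

    // Builds the form body for a POST to the LWA token endpoint.
    // Exactly one of refreshToken / scopes may be supplied.
    static String tokenRequestBody(String clientId, String clientSecret,
                                   String refreshToken, String... scopes) {
        boolean hasRefresh = refreshToken != null && !refreshToken.isEmpty();
        boolean hasScopes = scopes != null && scopes.length > 0;
        if (hasRefresh == hasScopes) {
            throw new IllegalArgumentException(
                "supply either a refresh token or scopes, not both and not neither");
        }
        Map<String, String> form = new LinkedHashMap<>();
        if (hasScopes) {
            // Grantless operation (createDestination): no seller authorization involved.
            form.put("grant_type", "client_credentials");
            form.put("scope", String.join(" ", scopes));
        } else {
            // Operation that acts on behalf of a seller who authorized the application.
            form.put("grant_type", "refresh_token");
            form.put("refresh_token", refreshToken);
        }
        form.put("client_id", clientId);
        form.put("client_secret", clientSecret);
        return form.entrySet().stream()
            .map(e -> e.getKey() + "=" + URLEncoder.encode(e.getValue(), StandardCharsets.UTF_8))
            .collect(Collectors.joining("&"));
    }

    public static void main(String[] args) {
        // Constructed placeholders; a real body holds the client secret and should not be logged.
        String id = "amzn1.application-oa2-client.EXAMPLE";
        String secret = "EXAMPLE_SECRET";
        System.out.println("grantless: " + tokenRequestBody(id, secret, null, NOTIFICATIONS_SCOPE));
        System.out.println("seller:    " + tokenRequestBody(id, secret, "EXAMPLE_REFRESH_TOKEN"));
        try {
            tokenRequestBody(id, secret, "EXAMPLE_REFRESH_TOKEN", NOTIFICATIONS_SCOPE);
        } catch (IllegalArgumentException ex) {
            System.out.println("rejected:  " + ex.getMessage());
        }
    }
}
```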