How get all data shipping order

[lionalex]

I try to get all shipping data of my orders in Amazon. If I call orders/v0/orders/$amazon_order_id I receive all data, but for BuyerInfo nothing and for ShippingAddress only some data. For example I don't see the street and the name of customer. I try with normal call with SignRequest and Token from standard "auth/o2/token". I read that for some data is necessary "restrictedDataToken", so I call /tokens/2021-03-01/restrictedDataToken and I receive a token, but if I use this "restrictedDataToken" in "x-amz-access-token" header for call orders/v0/orders/$amazon_order_id, i receive this error: Access to requested resource is denied

My code PHP to get restrictedDataToken is:

$response = $client->send(
                $this->getSignatureAWS()->signRequest(
                    new Request(
                        "POST",
                        $uri,
                        [
                            'Content-Type' => 'application/json',
                            "x-amz-access-token" => $this->getTokenAWS()
                        ],
                        json_encode(
                            [
                                "restrictedResources" => [
                                    "method" => "GET",
                                    "path" => "/orders/v0/orders",
                                    "dataElements" => ["buyerInfo","shippingAddress"]
                                ]
                            ]
                        ),
                        "1.1"
                    )
                )
            )->getBody()->getContents();

Where is error?

[Gounlaf]

According to the documentation, the RDT Token need to match the path of your request ; I guess you miss the $amazon_order_id in your restrictedResources payload

$response = $client->send(
                $this->getSignatureAWS()->signRequest(
                    new Request(
                        "POST",
                        $uri,
                        [
                            'Content-Type' => 'application/json',
                            "x-amz-access-token" => $this->getTokenAWS()
                        ],
                        json_encode(
                            [
                                "restrictedResources" => [
                                    "method" => "GET",
                                    "path" => "/orders/v0/orders/$amazon_order_id",<--- here
                                    "dataElements" => ["buyerInfo","shippingAddress"]
                                ]
                            ]
                        ),
                        "1.1"
                    )
                )
            )->getBody()->getContents();

[lionalex]

Thanks for your comment, but with full path included order id, the response from amazon is the same: 403 Forbidden - Access to requested resource is denied

[AlexCB400]

I have the same problem. I have been getting a response: { "errors": [ { "code": "InvalidInput", "message": "Application does not have access to one or more requested data elements: [buyerInfo, shippingAddress]", "details": "" } ] }

[diegocvazquez]

hello there did you get any solution to this issue?

[AlexCB400]

hello there did you get any solution to this issue?

Hi. Didn't find any solution yet.

[diegocvazquez]

@AlexCB400 are you able to get the BuyerInfo calling the GetIRderBuyerInfo "/orders/v0/orders/{orderId}/buyerInfo"?

[dnErf]

Hi, I am having same issue as well, I can get our RDT but when i used it on orders endpoint and replacing LWA token to RDT im getting denied.

Is there any update on this issue? or is there a work around to get the shipping address? Thanks for any help.

[diegocvazquez]

Hi, I am having same issue as well, I can get our RDT but when i used it on orders endpoint and replacing LWA token to RDT im getting denied.

Is there any update on this issue? or is there a work around to get the shipping address? Thanks for any help.

Hi there, does the developer account have access to PII information ?

[lionalex]

We founded the error. In the body we have an error. This is the correct code:

$response = $client->send(
                $this->getSignatureAWS()->signRequest(
                    new Request(
                        "POST",
                        $uri,
                        [
                            'Content-Type' => 'application/json',
                            "x-amz-access-token" => $this->getTokenAWS()
                        ],
                        json_encode(
                            [
                                "restrictedResources" => [
                                   [  <--- here
                                    "method" => "GET",
                                    "path" => "/orders/v0/orders",
                                    "dataElements" => ["buyerInfo","shippingAddress"]
                                   ] <--- here
                                ]
                            ]
                        ),
                        "1.1"
                    )
                )
            )->getBody()->getContents();

The error was that in restrictedResources we must add another array content. In the code with the new array in "<--- here"

[dnErf]

Hi there, does the developer account have access to PII information ?

Hi, I think we do, we have MWS service that is currently running fine but I will re-check it if something happen on that level, thanks. Is there anything else we should look into?

[diegocvazquez]

Hi there, does the developer account have access to PII information ?

Hi, I think we do, we have MWS service that is currently running fine but I will re-check it if something happen on that level, thanks. Is there anything else we should look into?

Not that I can think of, was just an idea but if it works with MWS with the same developer id, I guess there is another problem

[dnErf]

thanks for answering my question. I'm going to leave a snippet of how we get and use the RDT (c# code) and hopefully someone can put us on right direction.

var assumeRoleResponse = await client.AssumeRoleAsync(assumeRoleRequest);

// RDT
IRestRequest rdtRequest = new RestRequest("/tokens/2021-03-01/restrictedDataToken", Method.POST);
rdtRequest = new LWAAuthorizationSigner(lwaAuth).Sign(rdtRequest);

var rdtElements = new string[] { "buyerInfo", "shippingAddress" };
var rdtResources = new { method = "GET", path = "/orders/v0/orders", dataElements = rdtElements };
var rdtBody = JsonConvert.SerializeObject(new { restrictedResources = rdtResources });
rdtRequest.AddJsonBody(rdtBody);

awsAuthenticationCredentials = new AWSAuthenticationCredentials
{
                AccessKeyId = assumeRoleResponse.Credentials.AccessKeyId,
                SecretKey = assumeRoleResponse.Credentials.SecretAccessKey,
                Region = "us-east-1"
};
rdtRequest = new AWSSigV4Signer(awsAuthenticationCredentials).Sign(rdtRequest, restClient.BaseUrl.Host);

var executedRdt = restClient.Execute(rdtRequest);
var amazonRdt = JsonConvert.DeserializeObject<RdtResponsePayLoad>(executedRdt.Content.ToString());

// -
// ORDERS
IRestRequest restRequest = new RestRequest("/orders/v0/orders", Method.GET);
restRequest.AddQueryParameter("MarketplaceIds", "ATVPDKIKX0DER");
restRequest.AddQueryParameter("CreatedAfter", StartDate); 

restRequest.AddHeader("x-amz-access-token", amazonRdt.RestrictedDataToken); // <-

restRequest.AddHeader("X-Amz-Security-Token", assumeRoleResponse.Credentials.SessionToken);
restRequest.AddHeader("X-Amz-Date", DateTime.Now.ToString("yyyyMMddTHHmmssZ"));

restRequest = new AWSSigV4Signer(awsAuthenticationCredentials).Sign(restRequest, restClient.BaseUrl.Host);

var executedRequest = restClient.Execute(restRequest);

[loaded02]

Hi, I am having the same issue here. We have access granted for PII level. I can query the sandbox sucessfully for restrictedDataToken, but on Production I receive InvalidInput ... Application does not have access to one or more requested data elements: [shippingAddress] Does it make sense to contact Amazon Support with this?

[corbin-munce]

thanks for answering my question. I'm going to leave a snippet of how we get and use the RDT (c# code) and hopefully someone can put us on right direction.

var rdtBody = JsonConvert.SerializeObject(new { restrictedResources = rdtResources });

put it in another array like this:

var rdtBody = JsonConvert.SerializeObject(new { restrictedResources = new object[] { rdtResources } });

[github-actions[bot]]

This is a very old issue that is probably not getting as much attention as it deserves. We encourage you to check if this is still an issue after the latest release and if you find that this is still a problem, please feel free to open a new issue and make a reference to this one.

[github-actions[bot]]

closed for inactivity