search

amzn / selling-partner-api-models

This repository contains OpenAPI models for developers to use when developing software to call Selling Partner APIs.
Apache License 2.0
612 stars 737 forks source link

Several problems using the new SP-API (PHP) #816

Closed cgaugel closed 2 years ago

cgaugel commented 3 years ago

Hi together,

I registered as an Developer using the following instruction: https://github.com/amzn/selling-partner-api-docs/blob/main/guides/developer-guide/SellingPartnerApiDeveloperGuide.md

My Application is listed as "published" in my sellercentral account: https://ibb.co/82X33Rm

Problem 1: My Application is not shown at the Amazon Marketplace Appstore - why?

Now I went to the url https://sellercentral.amazon.de/sellingpartner/developerconsole/authorize?appId=amzn1... and made a refresh token for my seller account. After that, I exchanged the RefreshToken with an access_token:

curl --location --request POST 'https://api.amazon.com/auth/o2/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=client_credentials' \ --data-urlencode 'refresh_token=Atzr.....' \ --data-urlencode 'client_id=amzn1...' \ --data-urlencode 'client_secret=XXX \ --data-urlencode 'scope=sellingpartnerapi::migration'

Then I received an access_token. Now I would like to make an API-Call using this code:

$accessToken = 'XYZ';

$config = Configuration::getDefaultConfiguration();
$config->setAccessToken($accessToken);
$config->setApiKey('accessKey', 'XXX'); // my iam user access key
$config->setApiKey('secretKey', 'YYY'); // my iam user secret key
$config->setApiKey('region', 'eu-west-1'); // because i want to access the german marketplace

$apiInstance = new CatalogApi(
    new Client(),
    $config
);

$marketplaceId = 'A1PA6795UKMFR9';
$asin = 'B07VXR9VH7';

try
{
    $result = $apiInstance->getCatalogItem($marketplaceId, $asin);
    print_r($result);
}
catch (Exception $e)
{
    echo 'Exception when calling CatalogApi->getCatalogItem: ', $e->getMessage(), PHP_EOL;
}

I receive the following exception:

{
  "errors": [
    {
      "message": "Access to requested resource is denied.",
     "code": "Unauthorized",
     "details": ""
    }
  ]
}

[403] Client error: `GET https://sellingpartnerapi-eu.amazon.com/catalog/v0/items/B07VXR9VH7?MarketplaceId=A1PA6795UKMFR9` resulted in a `403 Forbidden` response:
{
  "errors": [
    {
      "message": "Access to requested resource is denied.",
     "code": "Unauthorized",
     "det (truncated...)

Any help? What am I doing wrong?

tenitre commented 3 years ago

@cgaugel I dont know about your first issue but for the second issue there is a missing step in document.

You need to get assume role for your user you created and use that AWS key and secret (also that call returns session token too you need to put it that as well)

This is for C# code snippet you will understand what I mean

AssumeRoleResponse assumeRoleResponse = null; using (var STSClient = new AmazonSecurityTokenServiceClient(accessKey, secretKey, RegionEndpoint.USEast1)) { var req = new AssumeRoleRequest() { RoleArn = roleARN, DurationSeconds = 950, //put something works for you RoleSessionName = Guid.NewGuid().ToString() };

            assumeRoleResponse = STSClient.AssumeRoleAsync(req, new CancellationToken()).Result;
        }

        //auth step 3
        var awsAuthenticationCredentials = new AWSAuthenticationCredentials
        {
            AccessKeyId = assumeRoleResponse.Credentials.AccessKeyId,
            SecretKey = assumeRoleResponse.Credentials.SecretAccessKey,
            Region = "us-east-1"
        };

        restRequest.AddHeader("x-amz-security-token", assumeRoleResponse.Credentials.SessionToken);

so in this step above:

accessKey is the key you downloaded while you create your user accessSecret same as above roleARN: thats the role ARN you created

Again not sure how to add this in PHP but you need to add session token to your request header...

good luck

lyubo-slavilov commented 3 years ago

@cgaugel @tenitre Followed this thread here I was able to crack the problem in PHP. There is a solution, but it is dirty and immature. I've already described it here: https://github.com/clousale/amazon-sp-api-php/issues/8#issuecomment-737547316

github-actions[bot] commented 2 years ago

This is a very old issue that is probably not getting as much attention as it deserves. We encourage you to check if this is still an issue after the latest release and if you find that this is still a problem, please feel free to open a new issue and make a reference to this one.