[BUG] Error Code: MD1000

[9z]

Hello

I made the oauth url according to the documentation and tested it, but I got the following error code.

Why do these errors occur?

[B627336]

I had the same error code.

It occurred when using the Oauth URI as in the developer guide explained on page 8: https://sellercentral-europe.amazon.com/apps/authorize/consent?application\_id=appidexample?version=beta

However, the error disappeared and the confirmation page appeared when using the URI on page 14: https://sellercentral.amazon.com/apps/authorize/consent?application_id=appidexample&state=stateexample&version=beta

I did not change anything else, so concluded this must be the reason.

[charliecode]

Hello @9z. This is happening because your application is in draft state and yet your trying a production authorization workflow by removing the version=beta param in the url, even though your application has not yet been approved by Amazon to do so. Add the version=beta and it will work. You cannot use the production authorization workflow until your app is out of draft state. Go here and read under "To convert your test authorization workflow to a productions workflow".

[9z]

@B627336 @charliecode Thank you for kind answer! I solved the problem I presented. I have additional questions.

After consent via Oauth testing URI, I got spapi_oauth_code. And I requested api.amazon.com/auth/o2/token for trying to get LWA refresh token, but response is empty object. Is it because spapi_oauth_code is for testing?

[charliecode]

Hello @9z, glad to hear your problem was solved! In regards to your question, the response object should not be empty. It does not matter that the spapi_oauth_code you receive is for testing, you should still be able to call the https://api.amazon.com/auth/o2/token endpoint with the appropriate parameters and receive an accurate response body with the access_token, token_type, expires_in and refresh_token returned, just as the documentation says.

If your call was successful, it really doesn't make much sense that your entire response would be empty. If the call was successful you should get a lot of data back. Regardless of the statusCode you receive in the response, your response as a whole will def not be empty. Now the response body, that should def have what was mentioned above if your call was indeed successful. So, if you're getting a statusCode of 200 and the response body is empty, that's an issue with Amazon for sure. However if your statusCode is anything other than 200, the problem more than likely lies somewhere within your request. Hope this helps!

[9z]

@charliecode Thank you very much for advice It's my mistake. I set parameters to qs. I changed to form, It works. Really thank you for advice!!

[9z]

All issue was solved! I close this issue.

[discover59]

For those who have same error, it's because \ in OAuth authorization URI.

There are 3 application\_id which should be replaced with application_id. @charliecode Please update documentation to avoid later issues.

[slopeofhope81]

I second what @discover59 said.

[AnitaStiltnerSTORD]

I am getting the same issue, with ErrorCode MD1000. My app is in published status, but when I changed the value of the "OAuth Login URI" from my app details page, it changed the status to "Published, current edit is in draft". Does that mean if I try to authorize myself through the Marketplace App Store that I have to use the version=beta flag (ie, does that mean my app is in draft status again)? Also, what is the difference between the OAuth Login URI and the OAuth Redirect URI? Is the Login URI for authorization through the Marketplace Appstore workflow and the Redirect URI is if you are using the Website workflow? I wasn't 100% certain which URI I needed to edit, because the Amazon SC documentation calls it a "OAuth Authorization URI", which does not appear on the app registration page at all. Here is what I have configured in the "OAuth Login URI": https://sellercentral.amazon.com/apps/authorize/consent?application_id=myapp&state=stateexample. It wont let me remove the Redirect URI (I've tried) so I am not sure if that is contributing to the problem. I will say though that, unlike the OPs screenshot, my error screenshot does not have the App ID above the error code. Any help?

[slopeofhope81]

@AnitaStiltnerSTORD that url looks good to me and it should work as is. could you confirm that you have put in the correct application_id?

[AnitaStiltnerSTORD]

Thanks for confirming the URI. I put it in the "OAuth Login URI" from the app registration page. Does it need to go somewhere else? Also, even though we are using the Marketplace App workflow, I put it in the "OAuth Redirect URI" (just because I was troubleshooting/testing) and now, I am not able to remove it.

[AnitaStiltnerSTORD]

@slopeofhope81 I have confirmed that I am using the correct application_id value in my URI. Any other thoughts? I appreciate your help!

[slopeofhope81]

@AnitaStiltnerSTORD did you get the application id from the seller central app correct? oauth login uri and redirect uri will come into play after this authentication..so we can about that later. If your application id is correct.. then you should create a support ticket with amazon and let them know because the error says that your id cannot be found.

[AnitaStiltnerSTORD]

Thank you. Yes, I did get the app id from our seller central app list, so I know its the right id. I have opened a case log and amazon initially responded with "The Internal Flag should be enabled from your end & once the App is published correctly.

As stated earlier : If you have a SP API application that is not published but the OAuth workflow points to Production workflow, this error is returned. To resolve, please confirm if the application is in Draft stage. If so, add version=beta parameter to OAuth Authorization URI constructed. Once the application is published, this parameter can be removed."

I shared with them that 1) we didnt understand their "internal flag" comment and 2) that I tried both options (beta and not beta) and we get the same result either time. They responded back just recently saying they are investigating and will get back to us. So, I suppose all I can do is wait for them to respond. I will post here when they do.

[slopeofhope81]

@AnitaStiltnerSTORD yea just want to let you know i got the same error before because i forgot to pass the application_id param in the url also my app id starts with amzn1.sellerapps.app.** as a reference.

[AnitaStiltnerSTORD]

@slopeofhope81 that is interesting, my app id starts with amzn1.sp.solution.**, not sure what that means.

[slopeofhope81]

@AnitaStiltnerSTORD I think that is because i chose the hybrid (mws & sp). :)

[vinodbhoj]

@AnitaStiltnerSTORD I am having the same issue, using Oracle OIC REST adapter to connect, and my app id also starts with amzn1.sp.solution.**,... Did you find any solution to your issue?

[linky225]

I have the same problem as @9z Could you tell me how you solved?

I followed this: https://developer-docs.amazon.com/sp-api/docs/website-authorization-workflow

I'm trying to make few different seller accounts to authorize by logining through my website, and I stated the application_id as my Client Id for web settings which goes as "amzn1.application-oa2-client.*****", nonetheless it gives that same error. I use the security profile/web settings ClientID. Is it wrong?

None of the seller accounts have developer account though. I dont know if this is a crucial detail.