Exchanging Authorization Code for an LWA Refresh Token?

[ShaneOH]

Hey there,

Thanks for putting the work into this fantastic SDK @jlevers! I'm currently working on migrating an MWS application to an SP-API/hybrid app. Following this blog post, the steps seem fairly straightforward:

1. Use the LWA ID given in the Dev Console to generate a grantless LWA access token
2. Generate temporary credentials using AWS Security Token Service (AWS STS)
3. Make a call to Authorization API endpoint
4. Exchange authorization code for an LWA refresh token

Now, Steps 1-3 seem completely abstracted away in your SDK by calling (new AuthorizationV1Api($configObject))->getAuthorizationCode($sellerId, $devId, $mwsAuthToken) -- correct? This is great, I can see an authorization code returned from that call.

However, I'm surprised to not be finding any documentation on passing that authorization_code right back into the call to exchange for a LWA refresh token. Am I missing it somewhere? It seems like a critical part of the entire process. Searching through the repo I found your comment here: https://github.com/jlevers/selling-partner-api/issues/10#issuecomment-815444053 that seems to be the call we need. Has this been integrated into the SDK yet since then, or is it still a matter of just making a raw HTTP call to that endpoint specifically, saving the result back, and then using that token in all the SDK calls thereafter?

[jlevers]

Hey @ShaneOH -- yep, you have all that right. Steps 1-3 are covered by the library, but I never got around to integrating the code for generating a new SP API token with authorization_code. The code you linked from issue #10 is the correct code, yes. You'll just need to make that request a single time and then save the resulting refresh token.

[ShaneOH]

@jlevers Got it, thanks for the confirmation! No problem for me -- feel free to close this issue then if you want or leave it open if it's a planned feature to be added!