search

jlevers / selling-partner-api

A PHP client library for Amazon's Selling Partner API
BSD 3-Clause "New" or "Revised" License
404 stars 197 forks source link

getAuthorizationCode() func returns Invalid_client issue. #578

Closed sathishInno closed 1 year ago

sathishInno commented 1 year ago

When I try to get the LWA token using "POST https://api.amazon.com/auth/o2/token" with valid credentials, I get an error, but I can get the LWA token using Postman. I am not sure what is going on in the request, and even after changing the header, I am still getting a different error. Need assistance on what the issue is, or does anything need to be changed?

Error:

With [Content-Type] => application/json I'm getting this error Client error: POST https://api.amazon.com/auth/o2/token resulted in a 401 Unauthorized response: {"error_description":"Client authentication failed","error":"invalid_client"}

For [Content-Type] => application/x-www-form-urlencoded;charset=UTF-8 The error is: {"error_description":"The authorization grant type is not supported by the authorization server","error":"unsupported_gr (truncated...)

code from the example(https://github.com/jlevers/selling-partner-api#examples) same and gave the working credentials.

jlevers commented 1 year ago

Is your application set up as a hybrid SP API/MWS application? If it's set up as a pure SP API application (per the relevant dropdown in the app config on Seller Central), you won't be able to call getAuthorizationCode.

sathishInno commented 1 year ago

It was created as a pure SP API and has now been changed to hybrid, but there is still no response. What happens after MWS is unavailable if we can not call getAuthorizationCode in a pure SP-API application?

When the MWS expires, the application is forced to become a pure SP API application.

jlevers commented 1 year ago

You'll probably need to generate a new refresh token for the changed app type to start making a difference in your code.

The point of the getAuthorizationCode endpoint is to do a one-time conversion of old MWS credentials into SP API credentials, so once you've migrated your existing credentials over, you shouldn't need to call it again.

sathishInno commented 1 year ago

As you mentioned, we need to generate a new refresh token for the hybrid app.We can then use that to obtain the LWA token and proceed with the other APIs.So we are using the same sp-api application credentials, right? I am not sure what the second line means.