search

jlevers / selling-partner-api

A PHP client library for Amazon's Selling Partner API
BSD 3-Clause "New" or "Revised" License
404 stars 198 forks source link

Access to requested resource is denied. #615

Open SepuWeb opened 1 year ago

SepuWeb commented 1 year ago

Problem description:

Error:

errors": [ { "code": "Unauthorized", "message": "Access to requested resource is denied.", "details": "" } ] }

# Your error here. PLEASE make sure to redact secrets from your error log!

If I call VendorOrdersV1Api->getPurchaseOrders it works, so all security and rule and configuration are wright.

If I call these methods: CatalogItemsV20220401Api->getCatalogItem CatalogItemsV0Api->getCatalogItem VendorDirectFulfillmentOrdersV20211228Api->getOrders

return the error: { "code": "Unauthorized", "message": "Access to requested resource is denied.", "details": "" }

Code

use Exception;
use Illuminate\Http\Request;
use SellingPartnerApi\Api\CatalogItemsV20220401Api;
use SellingPartnerApi\Api\VendorOrdersV1Api;
use SellingPartnerApi\Configuration;
use SellingPartnerApi\Endpoint;

class AmazonVendorController
{
 private function getConfiguration()
    {

        $config = new Configuration([
            "lwaClientId" => env('LWA_CLIENT_ID'),
            "lwaClientSecret" => env('LWA_CLIENT_SECRET'),
            "lwaRefreshToken" => env('LWA_REFRESH_TOKEN'),
            "awsAccessKeyId" => env('AWS_ACCESS_KEY_ID'),
            "awsSecretAccessKey" => env('AWS_SECRET_ACCESS_KEY'),
            "endpoint" => Endpoint::EU,
            "roleArn" => env('ROLE_ARN'),
        ]);

        return $config;
    }
$config = $this->getConfiguration();

        $apiInstance = new CatalogItemsV20220401Api($config);
        $marketplace_id = "APJ6JRA9NG5V4";

        try {
            $result = $apiInstance->getCatalogItem($marketplace_id, $asin);
            dd($result);
        } catch (Exception $e) {
            echo 'Exception when calling CatalogItemsV0Api->getCatalogItem: ', $e->getMessage(), PHP_EOL;
        }
}

Seller Central SP API config page screenshot

your screenshot here

image
igormatkovic commented 1 year ago

@SepuWeb did you ever get this sorted?

SepuWeb commented 1 year ago

no, in the end I switched to the official Amazon SDK.

da-mask commented 1 year ago

This sucks. I'm having a similiar issue with calling createShippingLabels on createShippingVendorDirectFulfillmentShippingV20211228Api . Maybe something is broken with adding RDT's to requests? Are you registered as a Private Developer too?

I'd be nervous working on a PR too, as @jlevers doesn't seem to have looked at this repo in a few months.

cguweb-com commented 8 months ago

correct, gentlemen.. I am having the same permissions issue trying to use RDT.

I can actually get it to at least successfully generate and return an RDT now, but what am I supposed to do with it? Just simply calling a RDT report straight afterwards doesn't seem to automagically send the correct access token (the RDT) as I was hoping, so I am lost.

Do I need to generate the RDT, then somehow tell the SDK to use it instead of normal access token? Do I simply pass it in the config array?

in /lib/Authentication.php, there is the getRestrictedDataToken method I call to successfully generate the RDT, and it appears to just pass it back, so I am stuck with how to use it after generating :(

in official docs, it says the RDT needs to be passed in the x-amz-access-token header, in place of the usual LWA token - ok, but using this library, how do we do that???

any suggestions or solutions would be greatly appreciated!

thanks Chris