New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem with request #129
Comments
Same |
same here any solution for it? |
Is your application published? |
not yet, but status is draft |
add version=beta to the params and try again |
same problem with me... |
Hello, I'm facing the same problem with self authorization. My app isn't published either, status is draft.
I guess we can't add this parameter into the code. Is there any other solution? EDIT: According to the document self authorization doesn't require the app to be published, therefore the cause of my problem must be different: |
Yes, your problem doesn't seem to be remotely related to the thread. Please just follow the documentation on how to self authorize, nothing from this thread applies to your use case. |
@sw69 Did you find a solution to this? |
@mrmosconi @sw69 @mk-hasan @NephewOfGod Can someone please have a look if the refresh token returned from last commit (5d32a0a) works in subsequent requests:
|
Please use
to get the refresh token, then pass the obtained refresh_token to one of the clients
|
Hi,
we have communication problem with amazon.
Our client logs in to our service where he clicks button "Log in Amazon". He is then redirected to url https://sellercentral.amazon.pl/apps/authorize/consent?application_id=amzn1.sellerapps.app.xxxx-xxxx-xxx-xxx-xxx&state=here_is_unique_uid. On this page our partner accepts the usage for our application and is redirected back, from that action we get selling_partner_id and spapi_oauth_code. After that we send request on https://api.amazon.com/auth/o2/token with data:
{'grant_type': "authorization_code",
'code': spapi_oauth_code,
'redirect_uri': redirect_url,
'client_id': AMAZON_CLIENT_ID,
'client_secret': AMAZON_SECRET
}
where AMAZON_CLIENT_ID and AMAZON_SECRET are LWA credentials of app. In response we receive access_token and refresh token. Till this point everything works fine.
Now we try to get orders data:
1.
We request Login with Amazon access token on /auth/o2/token with params: client_id, client_secret (LWA credentials of app) grant_type=refresh_token, refresh_token=refresh token we have from previous step. In response we receive new access_token and refresh_token.
We create assume role request on sts.amazonaws.com using AWS_ACCESS from AWS for credential and AWS_SECRET from AWS for computing signature. From that response we get SessionToken and accesskeyid.
Final request for orders: GET on sellingpartnerapi-eu.amazon.com/orders/v0/orders in Authorization header for credential we use accesskeyid from assume role request, for X-Amz-Access-Token header we use access token from 1st request, and for X-Amz-Security-Token we send sessiontoken received from assumrole request for that data we receive 403 forbidden error
HTTP/2.0 403 Forbidden
Content-Length: 141
Content-Type: application/json
Date: Wed, 07 Apr 2021 13:33:57 GMT
X-Amz-Apigw-Id: daku6GYXDoEFQPw=
X-Amzn-Errortype: AccessDeniedException
X-Amzn-Requestid: 55ff0680-a7c1-412d-830d-cc3b018ea1b9
{
"errors": [
{
"message": "Access to requested resource is denied.",
"code": "Unauthorized",
"details": ""
}
]
}
We don't have idea what is wrong. Our app have a access permission to get order.
The text was updated successfully, but these errors were encountered: