Problem with request #129
Comments
|
Same |
|
same here any solution for it? |
|
Is your application published? |
|
not yet, but status is draft |
|
add version=beta to the params and try again |
|
same problem with me... |
|
Hello, I'm facing the same problem with self authorization. My app isn't published either, status is draft.
I guess we can't add this parameter into the code. Is there any other solution? EDIT: According to the document self authorization doesn't require the app to be published, therefore the cause of my problem must be different: |
Yes, your problem doesn't seem to be remotely related to the thread. Please just follow the documentation on how to self authorize, nothing from this thread applies to your use case. |
|
@sw69 Did you find a solution to this? |
|
@mrmosconi @sw69 @mk-hasan @NephewOfGod Can someone please have a look if the refresh token returned from last commit (5d32a0a) works in subsequent requests: |
|
Please use to get the refresh token, then pass the obtained refresh_token to one of the clients |
Hi,
we have communication problem with amazon.
Our client logs in to our service where he clicks button "Log in Amazon". He is then redirected to url https://sellercentral.amazon.pl/apps/authorize/consent?application_id=amzn1.sellerapps.app.xxxx-xxxx-xxx-xxx-xxx&state=here_is_unique_uid. On this page our partner accepts the usage for our application and is redirected back, from that action we get selling_partner_id and spapi_oauth_code. After that we send request on https://api.amazon.com/auth/o2/token with data:
{'grant_type': "authorization_code",
'code': spapi_oauth_code,
'redirect_uri': redirect_url,
'client_id': AMAZON_CLIENT_ID,
'client_secret': AMAZON_SECRET
}
where AMAZON_CLIENT_ID and AMAZON_SECRET are LWA credentials of app. In response we receive access_token and refresh token. Till this point everything works fine.
Now we try to get orders data:
1.
We request Login with Amazon access token on /auth/o2/token with params: client_id, client_secret (LWA credentials of app) grant_type=refresh_token, refresh_token=refresh token we have from previous step. In response we receive new access_token and refresh_token.
We create assume role request on sts.amazonaws.com using AWS_ACCESS from AWS for credential and AWS_SECRET from AWS for computing signature. From that response we get SessionToken and accesskeyid.
Final request for orders: GET on sellingpartnerapi-eu.amazon.com/orders/v0/orders in Authorization header for credential we use accesskeyid from assume role request, for X-Amz-Access-Token header we use access token from 1st request, and for X-Amz-Security-Token we send sessiontoken received from assumrole request for that data we receive 403 forbidden error
HTTP/2.0 403 Forbidden
Content-Length: 141
Content-Type: application/json
Date: Wed, 07 Apr 2021 13:33:57 GMT
X-Amz-Apigw-Id: daku6GYXDoEFQPw=
X-Amzn-Errortype: AccessDeniedException
X-Amzn-Requestid: 55ff0680-a7c1-412d-830d-cc3b018ea1b9
{
"errors": [
{
"message": "Access to requested resource is denied.",
"code": "Unauthorized",
"details": ""
}
]
}
We don't have idea what is wrong. Our app have a access permission to get order.
The text was updated successfully, but these errors were encountered: