Question posted in 
I’ve been trying to make calls to the Amazon SP-API using the Amazon-SP-API-CSharp NuGet.
https://github.com/abuzuhri/Amazon-SP-API-CSharp
I am trying to authenticate the same way the code samples on the github page show:
AmazonConnection amazonConnection = new AmazonConnection(new AmazonCredential()
{
AccessKey = "AKIAXXXXXXXXXXXXXXX",
SecretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
RoleArn = "arn:aws:iam::XXXXXXXXXXXXX:role/XXXXXXXXXXXX",
ClientId = "amzn1.application-XXX-client.XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
RefreshToken= "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
MarketPlace = MarketPlace.Germany
});
When I try a simple call to get orders this way, I get the following error:
Error getting LWA Access Token
with the inner exception stating
Unsuccessful LWA token exchange
There is no information in the error more specific than that.
Prior to this we went through the whole AIM and app setup with my manager (I don’t have access to Seller Central), and he gave me all the secret keys and IDs we were able to find.
I am confident that I have the correct values for AccessKey, SecretKey, RoleArn, ClientId and ClientSecret.
So my suspicion lies with the RefreshToken. I’ve been trying to use a value called "SP-API-Token" as this is the only value we found in the Amazon UI that is a token. Apparently this is not the correct approach, but I am at a loss as to how to get this value.
After some searching I found this topic
Amazon SP-API authentication
which led me to this Postman collection
https://github.com/ionafan2/selling-partner-api-postman-sandbox
and ultimately to this guide:
https://developer-docs.amazon.com/sp-api/docs/using-postman-for-selling-partner-api-models
I’ve tried to utilize both of them to retrieve the refresh token.
So far the only call I’ve made that was successful was a call to AssumeRole from the first link – https://sts.amazonaws.com/?Version=2011-06-15&Action=AssumeRole...
while it’s a real breakthrough that I finally managed to call something on Amazon that didn’t return ‘Unauthorized’, this doesn’t return the Refresh token.
I have tried following the guide provided by Amazon. It’s quite convenient, it even has videos. However the Postman requests shown in the videos don’t correspond with the Postman requests I got when I downloaded the Postman files as the guide suggests:
I would love to call the Get LWA Refresh token request, but I simply don’t have it.
Instead I got this:
this endpoint requires the following parameters: sellingPartnerId, developerId, mwsAuthToken. These are three completely different secret values from the other 6 secret values I need to call the SP-API endpoints, but never mind that for now. Elsewhere in the json files I found the following:
A Login with Amazon (LWA) authorization code that can be exchanged for
a refresh token and access token that authorize you to make calls to a
Selling Partner API.
So I think it’s getting hotter. But even if I manage to call this successfully, how do I then exchange the LWA authorization code for the refresh token? I don’t see an endpoint for that anywhere in the collection. Also, about this mwsAuthToken, isn’t MWS something that Amazon has replaced by the Selling Partner API and then shut down?
2
Answers
You need to call the https://api.amazon.com/auth/o2/token endpoint with the following data – see my screenshots:
You need refresh token, which someone should pass you if you don’t have access to Seller Central.
Plx have a look here
and watch until
21:11then you will know where to getLWA Refresh token