Connecting to Amazon Marketplace

Amazon MWS API vs Selling Partner API

Amazon MWS (Marketplace Web Services) API is the older API for the Amazon Marketplace while Selling Partner (SP) API provides number of improvements over MWS API including JSON-based REST API design standards and OAuth 2.0. SP-API includes all functionality available in Amazon MWS API.

You may specify which API to connect to by setting Schema. Please be aware that each API has different available connection options as described below.

Connecting to Selling Partner API

When using the Amazon Selling Partner API to connect to the Amazon Marketplace, the following properties are required:

• Schema: Set this to SellingPartner.
• InitiateOAuth: Set this to GETANDREFRESH.
• Marketplace: Set this to the Marketplace region that you are registered to sell in.

Also, you can use the SellingPartner property to choose Seller or Vendor authentication.

Connecting to the MWS API

When using the Amazon MWS API to connect to the Amazon Marketplace, SellerId, Marketplace, Marketplace are required connection properties. Set Schema to Marketplace.

Configure Access to Amazon Marketplace

To connect to Amazon Marketplace first authorize CData developer. To do so follow the steps below:

• Using the CData MWS developer id: 195280669143.
• Go to the Manage your apps page in Seller Central and log into your Amazon seller account as the primary account holder.
• Click the Authorize new developer button and follows the authorization workflow using the developer id provided by the adapter.

Or you can go to Amazon Marketplace CData Driver and click Authorize Now on the right panel.

Obtaining the MWS Auth Token

To obtain the MWS Auth Token, follow the steps below:

• Go to the Manage your apps page in Seller Central and log into your Amazon seller account as the primary account holder.
• Find the CData App.
• Under the MWS Auth Token Column click View.

Obtaining the Seller ID

To obtain the Seller ID follow the steps below:

• Login to your seller account.
• Select Settings, then Account Info on upper right of screen.
• Under Business Information select "Your Merchant Token".

Authenticate to Amazon Marketplace

Amazon Marketplace Accounts

Set the following connection properties to connect:

• SellerId: Set the Seller ID of Amazon marketplace web service settings.
• Marketplace: Set the Amazon marketplace location (for example, United States).
• Schema: Set Schema to Marketplace.

OAuth

Amazon Marketplace uses the OAuth authentication standard.

To authenticate using OAuth, you must either use the embedded application or create a new custom OAuth app. The embedded application supports desktop applications and headless machines. Web applications require that you create a custom OAuth application.

You can use a custom OAuth application to authenticate with a service account or a user account. See Creating a Custom OAuth App for more information.

Downloading Embedded Credentials

Because Amazon Marketplace requires that embedded credentials rotate every six months, CData credentials are hosted on oa.cdata.com. If you do not specify custom credentials, the embedded credentials are downloaded from our web service and saved in the location specified in OAuthClientLocation by default. NOTE:Make sure your firewall does not block oa.cdata.com.

Desktop Apps

You can use the embedded application or create a custom OAuth application. The key difference is that you must set additional connection properties if you use a custom application.

Get and Refresh the OAuth Access Token

After setting the following, you are ready to connect:

• InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
• Marketplace: Set this to the Marketplace region that you are registered to sell in.
• AppId: Set this to the application Id for the Selling Partner application you created.
• Schema: Set this to SellingPartner to connect to SP-API.
• AWSAccessKey: This is the Access Key tied to the AWS user that is associated with the OAuthClientId.
• AWSSecretKey: This is the Secret Key tied to the AWS user that is associated with the OAuthClientId.
• OAuthClientId (custom applications only): Set this to the client Id assigned when you registered your app.
• OAuthClientSecret (custom applications only): Set this to the client secret assigned when you registered your app.

When you connect the adapter opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The adapter then completes the OAuth process:

1. Extracts the access token from the callback URL and authenticates requests.
2. Refreshes the access token when it expires.
3. Saves OAuth values in OAuthSettingsLocation. These values persist across connections.

Web Apps

When connecting via a Web application, you need to register a custom OAuth application with Amazon Marketplace. You can then use the adapter to get and manage the OAuth token values.

Get an OAuth Access Token

Set the following connection properties to obtain the OAuthAccessToken:

• OAuthClientId: Set this to the Client Id in your application settings.
• OAuthClientSecret: Set this to the Client Secret in your application settings.
• Marketplace: Set this to the Marketplace region that you are registered to sell in.
• Schema: Set this to SellingPartner to connect to SP-API.

You can then call stored procedures to complete the OAuth exchange:

1. Call the GetOAuthAuthorizationURL stored procedure. Set the AuthMode input to WEB and set the CallbackURL input to the Redirect URI you specified in your application settings. The stored procedure returns the URL to the OAuth endpoint.
2. Log in and authorize the application. You are redirected back to the callback URL.
3. Call the GetOAuthAccessToken stored procedure. Set the AuthMode input to WEB. Set the Verifier input to the "spapi_oauth_code" parameter in the query string of the callback URL.

Refresh the OAuth Access Token

You can set InitiateOAuth to REFRESH to automatically refresh the OAuth access token when it expires, or you can call the RefreshOAuthAccessToken stored procedure to refresh the token manually.

Automatic Refresh

To refresh the token with InitiateOAuth, set the following on the first data connection:

• OAuthAccessToken: Set this to the access token returned by GetOAuthAccessToken.
• InitiateOAuth: Set this to REFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
• OAuthSettingsLocation: Set this to the location where the adapter saves the OAuth values. These values persist across connections.
• OAuthClientId: Set this to the Client Id in your application settings.
• OAuthClientSecret: Set this to the Client Secret in your application settings.
• OAuthRefreshToken: Set this to the refresh token returned by GetOAuthAccessToken.
• Marketplace: Set this to the Marketplace region that you are registered to sell in.
• AppId: Application Id for Selling Partner application you created.
• Schema: Set this to SellingPartner to connect to SP-API.
• AWSAccessKey: This is the Access Key tied to the AWS user that is associated with the OAuthClientId.
• AWSSecretKey: This is the Secret Key tied to the AWS user that is associated with the OAuthClientId.

On subsequent data connections, set the following:

• InitiateOAuth
• OAuthSettingsLocation
• Marketplace: Set this to the Marketplace region that you are registered to sell in.
• AppId: Application Id for Selling Partner application you created.
• Schema: Set this to SellingPartner to connect to SP-API.
• AWSAccessKey: This is the Access Key tied to the AWS user that is associated with the OAuthClientId.
• AWSSecretKey: This is the Secret Key tied to the AWS user that is associated with the OAuthClientId.

Manual Refresh

You can use the GetOAuthAccessTokenstored procedure to manually refresh the OAuthAccessToken. Call the stored procedure after the ExpiresIn parameter value returned by GetOAuthAccessToken has elapsed. You need the following connection properties to be set:

• OAuthClientId: Set this to the Client Id in your application settings.
• OAuthClientSecret: Set this to the Client Secret in your application settings.
• Marketplace: Set this to the Marketplace region that you are registered to sell in.
• Schema: Set this to SellingPartner to connect to SP-API.

You can then call RefreshOAuthAccessToken with the following parameter set:

• OAuthRefreshToken: Set this to the OAuthRefreshToken returned by GetOAuthAccessToken.

Headless Machines

To configure the driver, use OAuth with a user account on a headless machine. You need to authenticate on another device that has an internet browser with a user account or serviced account.

1. Choose one of these two options:
   • Option 1: Obtain the OAuthVerifier value as described in "Obtain and Exchange a Verifier Code" below.
   • Option 2: Install the adapter on another machine and transfer the OAuth authentication values after you authenticate through the usual browser-based flow, as described in "Transfer OAuth Settings" below.

2. Then configure the adapter to automatically refresh the access token from the headless machine.

Option 1: Obtain and Exchange a Verifier Code

Follow these steps to authenticate from another machine and obtain the OAuthVerifier connection property:

1. Choose one of these options:
   • If you are using the Embedded OAuth Application, call the GetOAuthAuthorizationURL stored procedure. Open the URL returned by the stored procedure in a browser.
   • If you are using a custom OAuth application, set the following properties:
     • InitiateOAuth: Set this to OFF.
     • OAuthClientId (custom applications only): Set this to the Client Id in your application settings.
     • OAuthClientSecret (custom applications only): Set this to the Client Secret in your application settings.

       Then call the GetOAuthAuthorizationURL stored procedure with the appropriate CallbackURL. Open the URL returned by the stored procedure in a browser.

2. Log in and grant permissions to the adapter. You are then redirected to the callback URL, which contains the verifier code as the value for 'spapi_oauth_code'. Save the value of the verifier code. You must set this in the OAuthVerifier connection property later.

Next, you need to exchange the OAuth verifier code for OAuth refresh and access tokens.

On the headless machine, set the following connection properties to obtain the OAuth authentication values:

• OAuthClientId (custom applications only): Set this to the consumer key in your application settings.
• OAuthClientSecret (custom applications only): Set this to the consumer secret in your application settings.
• OAuthVerifier: Set this to the verifier code.
• OAuthSettingsLocation: Set this to persist the encrypted OAuth authentication values to the specified location.
• InitiateOAuth: Set this to REFRESH.

After the OAuth settings file is generated, set the following properties to connect to data:

• OAuthClientId (custom applications only): Set this to the consumer key in your application settings.
• OAuthClientSecret (custom applications only): Set this to the consumer secret in your application settings.
• OAuthSettingsLocation: Set this to the location containing the encrypted OAuth authentication values. Make sure this location gives read and write permissions to the provider to enable the automatic refreshing of the access token.
• InitiateOAuth: Set this to REFRESH.
• Marketplace: Set this to the Marketplace region that you are registered to sell in.
• Schema: Set this to SellingPartner to connect to SP-API.
• AppId: Application Id for Selling Partner application you created.
• AWSAccessKey: This is the Access Key tied to the AWS user that is associated with the OAuthClientId.
• AWSSecretKey: This is the Secret Key tied to the AWS user that is associated with the OAuthClientId.

Option 2: Transfer OAuth Settings

Follow the steps below to install the adapter on another machine, authenticate, and then transfer the resulting OAuth values.

On a second machine, install the adapter and connect with the following properties set:

• OAuthSettingsLocation: Set this to a writable location.
• InitiateOAuth: Set this to GETANDREFRESH.
• OAuthClientId (custom applications only): Set this to the client Id assigned when you registered your app.
• OAuthClientSecret (custom applications only): Set this to the client secret assigned when you registered your app.

Test the connection to authenticate. The resulting authentication values are encrypted and written to a file located in the path specified by OAuthSettingsLocation. After you have successfully tested the connection, copy the OAuth settings file to your headless machine. On the headless machine, set the following connection properties to connect to data:

• InitiateOAuth: Set this to REFRESH.
• OAuthClientId (custom applications only): Set this to the consumer key in your application settings.
• OAuthClientSecret (custom applications only): Set this to the consumer secret in your application settings.
• OAuthSettingsLocation: Set this to the location of your OAuth settings file. Make sure this location gives read and write permissions to the adapter to enable the automatic refreshing of the access token.
• Marketplace: Set this to the Marketplace region that you are registered to sell in.
• Schema: Set this to SellingPartner to connect to SP-API.
• AppId: Application Id for Selling Partner application you created.
• AWSAccessKey: This is the Access Key tied to the AWS user that is associated with the OAuthClientId.
• AWSSecretKey: This is the Secret Key tied to the AWS user that is associated with the OAuthClientId.