CustomError: Access to requested resource is denied. about amazon-sp-api HOT 14 CLOSED

Hi @jamesaq12wsx,

the aws region is set correct for the API requests (see Signer.js, lines 8 - 12). For the sts call which is used for fetching the security token it might be the problem. We are using "us-east-1" as default for all three regions (eu, na and fe).

Reason behind it was that, when we developed the first version of the client, "us-east-1" was working for "eu" region as well, while "eu-west-1" was not. So we don't fill that in dynamically and to be honest we never rechecked on that as no issues occurred yet.

You can try changing it in the signRoleCredentialsRequest function starting in line 135 in Signer.js.
But of course it can have numerous other reasons while access is denied.

from amazon-sp-api.

@amz-tools
Thank you for the prompt response, I modify signRoleCredentialsRequest in Signer.js, and can't even get the access_code from sts.
Do you have any idea what may cause this issue? I follow the step on amazon documents to create those credentials.

from amazon-sp-api.

@jamesaq12wsx

Have you tried setting auto_request_tokens to false and calling the refreshRoleCredentials function manually? If you can confirm that doesn't work then I would suggest you doublecheck that you set the right enviroment vars. If you did then I would suggest you start the whole creation of the IAM user and role all over and retry.

from amazon-sp-api.

@amz-tools
Thanks for the suggestion. I tried requesting access token and role credentials manually. It works, I could get those credentials. Do I still have to recreate the whole IAM user and role setting?

from amazon-sp-api.

@jamesaq12wsx Thats great! But the endpoint and operation calls (i.e. getMarketplaceParticipations) are still not working? Then you should make sure that you really have the right IAM role/user assigned to the app and if its correct and still not working you could try to restart again with the whole IAM user/policy/role setup to make sure it is really correct.

from amazon-sp-api.

@amz-tools I found out this message on the sp-api docs.

But I miss register the application with IAM user, Now I attached the policy to IAM user, I hope this could work out.
Or is it possible to change IAM of seller central's application?

from amazon-sp-api.

@jamesaq12wsx It seems as if you can't. The IAM field is unclickable when trying to edit it. Maybe you could open a support ticket with Amazon and ask them about it. Or you just create a new app, even if its still in draft mode: If you set up everything correct it should be working with you own refresh_token.

from amazon-sp-api.

Hello together, im getting the same error:

{"message":"Access to requested resource is denied.","code":"Unauthorized","details":"","type":"error"}

We registered our app with the role ARN (according to amazon documentation). We are using the "eu" region.
Could error occur, because our amazon developer account is not active "Your account has been deactivated"?
Im getting STS-Tokens when calling sts.amazonaws.com with the role ARN.

Any idea what could be the problem here?

Thanks for help.

from amazon-sp-api.

@Bowserlord Yes, this will definitely be a problem. You would need an active professional seller account to be able to use the SP-API, see the first question and answer here in the SP FAQs.

from amazon-sp-api.

@amz-tools Thank u very much for answering. After using an active account, it worked.

from amazon-sp-api.

Hi everyone and @amz-tools
Why we have to use refresh_token for the instance which using CallAPI? Couldn't find any place using refresh_token.
Is it using for auto retrieve access_token?

from amazon-sp-api.

Hi @jamesaq12wsx,

not sure if I understand the question correct, the refresh_token is used in the refreshAccessToken function, which can be called manually or will be called automatically when the client notices that the access_token is expired or invalid and auto_request_tokens option is set to true.

from amazon-sp-api.

@jamesaq12wsx Any issues left or can we close this issue?

from amazon-sp-api.

@amz-tools No thanks. I found that I got the wrong setting.

from amazon-sp-api.