Tokens API v2021-03-01 reference

AmazonSPAPI

# Overview

The Selling Partner API for Tokens provides a secure way to access a customer's PII (Personally Identifiable Information). You can call the Tokens API to get a Restricted Data Token (RDT) for one or more restricted resources that you specify. The RDT authorizes subsequent calls to restricted operations that correspond to the restricted resources that you specified.

For more information, see the Tokens API Use Case Guide.

# Version information

Version : 2021-03-01

# Operations

createRestrictedDataToken

# Paths

# createRestrictedDataToken

POST /tokens/2021-03-01/restrictedDataToken

# Description

Returns a Restricted Data Token (RDT) for one or more restricted resources that you specify. A restricted resource is the HTTP method and path from a restricted operation that returns Personally Identifiable Information (PII), plus a dataElements value that indicates the type of PII requested. See the Tokens API Use Case Guide for a list of restricted operations. Use the RDT returned here as the access token in subsequent calls to the corresponding restricted operations.

Usage Plans:

| Plan type | Rate (requests per second) | Burst |
|---|---|---|
| Default | 1 | 10 |
| Selling partner specific | Variable | Variable |

The x-amzn-RateLimit-Limit response header returns the usage plan rate limits that were applied to the requested operation. Rate limits for some selling partners will vary from the default rate and burst shown in the table above. For more information, see "Usage Plans and Rate Limits" in the Selling Partner API documentation.

# Parameters

| Type | Name | Description | Schema |
|---|---|---|---|
| Body | body<br>required | The restricted data token request details. | CreateRestrictedDataTokenRequest |

# Responses

| HTTP Code | Description | Schema |
|---|---|---|
| 200 | Success.<br>Headers:<br>x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation.<br>x-amzn-RequestId (string): Unique request reference identifier. | CreateRestrictedDataTokenResponse |

For error status codes, descriptions and schemas, see Error responses and schemas.

# Error Responses and Schemas

This table contains HTTP status codes and associated information for error responses.

| HTTP Code | Description | Schema |
|---|---|---|
| 400 | Request has missing or invalid parameters and cannot be parsed.<br>Headers:<br>x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation.<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
| 401 | The request's Authorization header is not formatted correctly or does not contain a valid token.<br>Headers:<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
| 403 | Indicates that access to the resource is forbidden. Possible reasons include Access Denied, Unauthorized, Expired Token, or Invalid Signature.<br>Headers:<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
| 404 | The specified resource does not exist.<br>Headers:<br>x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation.<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
| 415 | The request payload is in an unsupported format.<br>Headers:<br>x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation.<br>Note: For this status code, the rate limit header is deprecated and no longer returned.<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
| 429 | The frequency of requests was greater than allowed.<br>Headers:<br>x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation.<br>Note: For this status code, the rate limit header is deprecated and no longer returned.<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
| 500 | An unexpected condition occurred that prevented the server from fulfilling the request.<br>Headers:<br>x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation.<br>Note: For this status code, the rate limit header is deprecated and no longer returned.<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
| 503 | Temporary overloading or maintenance of the server.<br>Headers:<br>x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation.<br>Note: For this status code, the rate limit header is deprecated and no longer returned.<br>x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |

# Definitions

# CreateRestrictedDataTokenRequest

The request schema for the createRestrictedDataToken operation.

| Name | Description | Schema |
|---|---|---|
| targetApplication<br>optional | The application ID for the target application to which access is being delegated. | string |
| restrictedResources<br>required | A list of restricted resources.<br>Maximum: 50 | < RestrictedResource > array |

# RestrictedResource

Model of a restricted resource.

| Name | Description | Schema |
|---|---|---|
| method<br>required | The HTTP method in the restricted resource. | enum (Method) |
| path<br>required | The path in the restricted resource. Here are some path examples:<br>- /orders/v0/orders. For getting an RDT for the getOrders operation of the Orders API. For bulk orders.<br>- /orders/v0/orders/123-1234567-1234567. For getting an RDT for the getOrder operation of the Orders API. For a specific order.<br>- /orders/v0/orders/123-1234567-1234567/orderItems. For getting an RDT for the getOrderItems operation of the Orders API. For the order items in a specific order.<br>- /mfn/v0/shipments/FBA1234ABC5D. For getting an RDT for the getShipment operation of the Shipping API. For a specific shipment.<br>- /mfn/v0/shipments/{shipmentId}. For getting an RDT for the getShipment operation of the Shipping API. For any of a selling partner's shipments that you specify when you call the getShipment operation. | string |
| dataElements<br>optional | Indicates the type of Personally Identifiable Information requested. This parameter is required only when getting an RDT for use with the getOrder, getOrders, or getOrderItems operation of the Orders API. For more information, see the Tokens API Use Case Guide. Possible values include:<br>- buyerInfo. On the order level this includes general identifying information about the buyer and tax-related information. On the order item level this includes gift wrap information and custom order information, if available.<br>- shippingAddress. This includes information for fulfilling orders.<br>- buyerTaxInformation. This includes information for issuing tax invoices. | < string > array |
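The following added example (not part of the original reference or Amazon's SDK) builds a CreateRestrictedDataTokenRequest body and enforces the schema limits above before anything is sent, so a token is requested only for the resources and PII types actually needed. The function names, the allow-list treatment of dataElements, the rejection of an empty list, and the regular expression derived from the path examples are assumptions of this sketch.

```python
import json
import re

METHODS = {"GET", "PUT", "POST", "DELETE"}  # Method enum on this page
DATA_ELEMENTS = {"buyerInfo", "shippingAddress", "buyerTaxInformation"}
MAX_RESOURCES = 50  # restrictedResources maximum
# getOrders, getOrder and getOrderItems paths, taken from the path examples above.
ORDERS_PATH = re.compile(r"^/orders/v0/orders(/[^/]+(/orderItems)?)?$")


def restricted_resource(method, path, data_elements=()):
    """Build one RestrictedResource, rejecting values outside the schema."""
    if method not in METHODS:
        raise ValueError(f"method {method!r} is not in the Method enum")
    if not isinstance(path, str) or not path.startswith("/"):
        raise ValueError("path must be a string that starts with '/'")
    elements = sorted(set(data_elements))
    unknown = set(elements) - DATA_ELEMENTS
    if unknown:  # assumption: allow-list only the values this page names
        raise ValueError(f"unlisted dataElements: {sorted(unknown)}")
    if ORDERS_PATH.match(path) and not elements:
        raise ValueError("Orders API paths need at least one dataElements value")
    resource = {"method": method, "path": path}
    if elements:
        resource["dataElements"] = elements
    return resource


def build_rdt_request(resources, target_application=None):
    """Return the JSON body for POST /tokens/2021-03-01/restrictedDataToken."""
    resources = list(resources)
    if not resources:  # assumption: an empty list is never useful
        raise ValueError("restrictedResources must not be empty")
    if len(resources) > MAX_RESOURCES:
        raise ValueError(f"restrictedResources is limited to {MAX_RESOURCES}")
    body = {"restrictedResources": resources}
    if target_application is not None:
        body["targetApplication"] = target_application
    return json.dumps(body, sort_keys=True)


if __name__ == "__main__":
    # Constructed sample: one specific order, shipping address only.
    order = restricted_resource(
        "GET", "/orders/v0/orders/123-1234567-1234567", ["shippingAddress"])
    print(build_rdt_request([order]))
```
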

# CreateRestrictedDataTokenResponse

The response schema for the createRestrictedDataToken operation.

| Name | Description | Schema |
|---|---|---|
| restrictedDataToken<br>optional | A Restricted Data Token (RDT). This is a short-lived access token that authorizes calls to restricted operations. Pass this value with the x-amz-access-token header when making subsequent calls to these restricted resources. | string |
| expiresIn<br>optional | The lifetime of the Restricted Data Token, in seconds. | integer |
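An added example (not Amazon's code) of handling this response on the client: it keeps the RDT in memory, stops using it shortly before expiresIn elapses, releases it only for the resources it was requested for, and keeps the token value out of log output. The class name, the 30-second skew and the exact-match scope check are assumptions; a templated path such as /mfn/v0/shipments/{shipmentId} would need pattern matching instead.

```python
import time


class RestrictedDataToken:
    """Holds one RDT together with the resources it was issued for."""

    def __init__(self, response, resources, now=None, skew=30):
        token = response.get("restrictedDataToken")
        lifetime = response.get("expiresIn")
        # Both fields are marked optional in the schema, so check before use.
        if not token or not isinstance(lifetime, int) or lifetime <= 0:
            raise ValueError("response has no usable restrictedDataToken/expiresIn")
        issued = time.time() if now is None else now
        self._token = token
        self.expires_at = issued + lifetime - skew  # retire the token `skew` s early
        self.scope = frozenset((r["method"], r["path"]) for r in resources)

    def headers_for(self, method, path, now=None):
        """Return the header for a restricted call, or raise if unusable."""
        current = time.time() if now is None else now
        if (method, path) not in self.scope:
            raise PermissionError("token was not requested for this resource")
        if current >= self.expires_at:
            raise TimeoutError("restricted data token expired; request a new one")
        return {"x-amz-access-token": self._token}

    def __repr__(self):
        # Never include the token itself in logs or tracebacks.
        return (f"<RestrictedDataToken resources={len(self.scope)} "
                f"expires_at={self.expires_at:.0f} token=[redacted]>")


if __name__ == "__main__":
    # Constructed response and resource list, for illustration only.
    response = {"restrictedDataToken": "constructed-token-value", "expiresIn": 3600}
    resources = [{"method": "GET", "path": "/mfn/v0/shipments/FBA1234ABC5D"}]
    rdt = RestrictedDataToken(response, resources)
    print(rdt, sorted(rdt.headers_for("GET", "/mfn/v0/shipments/FBA1234ABC5D")))
```
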

# Error

An error response returned when the request is unsuccessful.

| Name | Description | Schema |
|---|---|---|
| code<br>required | An error code that identifies the type of error that occurred. | string |
| message<br>required | A message that describes the error condition. | string |
| details<br>optional | Additional details that can help the caller understand or fix the issue. | string |

# ErrorList

A list of error responses returned when a request is unsuccessful.

| Name | Schema |
|---|---|
| errors<br>optional | < Error > array |

# Method

The HTTP method in the restricted resource.

Type : enum

| Value | Description |
|---|---|
| GET | The GET method. |
| PUT | The PUT method. |
| POST | The POST method. |
| DELETE | The DELETE method. |