# Overview
The Selling Partner API for Tokens provides a secure way to access a customer's PII (Personally Identifiable Information). You can call the Tokens API to get a Restricted Data Token (RDT) for one or more restricted resources that you specify. The RDT authorizes subsequent calls to restricted operations that correspond to the restricted resources that you specified.
For more information, see the Tokens API Use Case Guide.
# Version information
Version: 2021-03-01
# Operations
# Paths
# createRestrictedDataToken
POST /tokens/2021-03-01/restrictedDataToken
# Description
Returns a Restricted Data Token (RDT) for one or more restricted resources that you specify. A restricted resource is the HTTP method and path from a restricted operation that returns Personally Identifiable Information (PII), plus a dataElements value that indicates the type of PII requested. See the Tokens API Use Case Guide for a list of restricted operations. Use the RDT returned here as the access token in subsequent calls to the corresponding restricted operations.
Usage Plans:
Plan type | Rate (requests per second) | Burst |
---|---|---|
Default | 1 | 10 |
Selling partner specific | Variable | Variable |
The x-amzn-RateLimit-Limit response header returns the usage plan rate limits that were applied to the requested operation. Rate limits for some selling partners will vary from the default rate and burst shown in the table above. For more information, see "Usage Plans and Rate Limits" in the Selling Partner API documentation.
# Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | body required | The restricted data token request details. | CreateRestrictedDataTokenRequest |
# Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success. Headers: x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation. x-amzn-RequestId (string): Unique request reference identifier. | CreateRestrictedDataTokenResponse |
For error status codes, descriptions and schemas, see Error responses and schemas.
# Error Responses and Schemas
This table contains HTTP status codes and associated information for error responses.
HTTP Code | Description | Schema |
---|---|---|
400 | Request has missing or invalid parameters and cannot be parsed. Headers: x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation. x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
401 | The request's Authorization header is not formatted correctly or does not contain a valid token. Headers: x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
403 | Indicates that access to the resource is forbidden. Possible reasons include Access Denied, Unauthorized, Expired Token, or Invalid Signature. Headers: x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
404 | The specified resource does not exist. Headers: x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation. x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
415 | The request payload is in an unsupported format. Headers: x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation. Note: For this status code, the rate limit header is deprecated and no longer returned. x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
429 | The frequency of requests was greater than allowed. Headers: x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation. Note: For this status code, the rate limit header is deprecated and no longer returned. x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
500 | An unexpected condition occurred that prevented the server from fulfilling the request. Headers: x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation. Note: For this status code, the rate limit header is deprecated and no longer returned. x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
503 | Temporary overloading or maintenance of the server. Headers: x-amzn-RateLimit-Limit (string): Your rate limit (requests per second) for this operation. Note: For this status code, the rate limit header is deprecated and no longer returned. x-amzn-RequestId (string): Unique request reference identifier. | ErrorList |
# Definitions
# CreateRestrictedDataTokenRequest
The request schema for the createRestrictedDataToken operation.
Name | Description | Schema |
---|---|---|
targetApplication optional | The application ID for the target application to which access is being delegated. | string |
restrictedResources required | A list of restricted resources. Maximum: 50 | < RestrictedResource > array |
# RestrictedResource
Model of a restricted resource.
Name | Description | Schema |
---|---|---|
method required | The HTTP method in the restricted resource. | enum (Method) |
path required | The path in the restricted resource. Here are some path examples: - /orders/v0/orders. For getting an RDT for the getOrders operation of the Orders API. For bulk orders. - /orders/v0/orders/123-1234567-1234567. For getting an RDT for the getOrder operation of the Orders API. For a specific order. - /orders/v0/orders/123-1234567-1234567/orderItems. For getting an RDT for the getOrderItems operation of the Orders API. For the order items in a specific order. - /mfn/v0/shipments/FBA1234ABC5D. For getting an RDT for the getShipment operation of the Shipping API. For a specific shipment. - /mfn/v0/shipments/{shipmentId}. For getting an RDT for the getShipment operation of the Shipping API. For any of a selling partner's shipments that you specify when you call the getShipment operation. | string |
dataElements optional | Indicates the type of Personally Identifiable Information requested. This parameter is required only when getting an RDT for use with the getOrder, getOrders, or getOrderItems operation of the Orders API. For more information, see the Tokens API Use Case Guide. Possible values include: - buyerInfo. On the order level this includes general identifying information about the buyer and tax-related information. On the order item level this includes gift wrap information and custom order information, if available. - shippingAddress. This includes information for fulfilling orders. - buyerTaxInformation. This includes information for issuing tax invoices. | < string > array |
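
An added example (not part of the Amazon reference) that builds a CreateRestrictedDataTokenRequest body and enforces the schema limits above before anything is sent: the Method enum, the 50-resource maximum, and an explicit dataElements list for Orders API paths. The function names and the path pattern used to recognise getOrders, getOrder and getOrderItems are assumptions derived from the path examples in the table.

```python
import json
import re

# Values copied from the schema tables on this page.
METHODS = {"GET", "PUT", "POST", "DELETE"}
DATA_ELEMENTS = {"buyerInfo", "shippingAddress", "buyerTaxInformation"}
MAX_RESOURCES = 50
# Assumed path shapes for getOrders, getOrder and getOrderItems (from the examples).
ORDERS_PATH = re.compile(r"^/orders/v0/orders(/[^/]+(/orderItems)?)?$")


def restricted_resource(method, path, data_elements=()):
    """Validate one RestrictedResource and return it as a dict."""
    if method not in METHODS:
        raise ValueError(f"method must be one of {sorted(METHODS)}")
    if not path.startswith("/"):
        raise ValueError("path must start with '/'")
    unknown = set(data_elements) - DATA_ELEMENTS
    if unknown:
        raise ValueError(f"unknown dataElements: {sorted(unknown)}")
    if ORDERS_PATH.match(path) and not data_elements:
        # Required for these operations; naming the elements keeps the PII scope explicit.
        raise ValueError("Orders API resources need a dataElements list")
    resource = {"method": method, "path": path}
    if data_elements:
        resource["dataElements"] = sorted(set(data_elements))
    return resource


def build_request(resources, target_application=None):
    """Return the JSON body for POST /tokens/2021-03-01/restrictedDataToken."""
    resources = list(resources)
    if not resources:
        raise ValueError("restrictedResources is required")
    if len(resources) > MAX_RESOURCES:
        raise ValueError(f"at most {MAX_RESOURCES} restricted resources per request")
    body = {"restrictedResources": resources}
    if target_application:
        body["targetApplication"] = target_application
    return json.dumps(body)


# Constructed sample: one specific order, shipping address only, plus one shipment.
SAMPLE = build_request([
    restricted_resource("GET", "/orders/v0/orders/123-1234567-1234567", ["shippingAddress"]),
    restricted_resource("GET", "/mfn/v0/shipments/FBA1234ABC5D"),
])
```

Requesting a specific order path with only the dataElements a workflow needs keeps the resulting RDT scoped to the PII that call actually uses.
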
# CreateRestrictedDataTokenResponse
The response schema for the createRestrictedDataToken operation.
Name | Description | Schema |
---|---|---|
restrictedDataToken optional | A Restricted Data Token (RDT). This is a short-lived access token that authorizes calls to restricted operations. Pass this value with the x-amz-access-token header when making subsequent calls to these restricted resources. | string |
expiresIn optional | The lifetime of the Restricted Data Token, in seconds. | integer |
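
An added example (not from the Amazon reference) of handling a CreateRestrictedDataTokenResponse on the client: the RDT is held in memory only, dropped once expiresIn has elapsed, and supplied to later restricted calls through the x-amz-access-token header. The class name, the 30-second safety margin and the sample token value are assumptions made for illustration.

```python
import time


class RdtStore:
    """In-memory holder for Restricted Data Tokens, keyed by what they authorize."""

    def __init__(self, clock=time.monotonic, safety_margin=30):
        self._clock = clock
        self._margin = safety_margin  # assumed margin (seconds) before expiry
        self._tokens = {}

    @staticmethod
    def key(resources):
        # The same restricted resources in any order map to the same entry.
        return frozenset(
            (r["method"], r["path"], tuple(sorted(r.get("dataElements", []))))
            for r in resources
        )

    def put(self, resources, response):
        token = response.get("restrictedDataToken")
        lifetime = response.get("expiresIn")
        # Both fields are optional in the schema: refuse to store a partial response.
        if not token or not isinstance(lifetime, int) or lifetime <= 0:
            raise ValueError("response lacks a usable restrictedDataToken/expiresIn")
        self._tokens[self.key(resources)] = (token, self._clock() + lifetime)

    def headers_for(self, resources):
        """Return the header for a restricted call, or None if a new RDT is needed."""
        k = self.key(resources)
        entry = self._tokens.get(k)
        if entry is None or self._clock() >= entry[1] - self._margin:
            self._tokens.pop(k, None)  # do not keep expired tokens around
            return None
        return {"x-amz-access-token": entry[0]}


def redact(token):
    """Log-safe form of a token: its length only, never the value."""
    return f"<RDT redacted, {len(token)} chars>"
```
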
# Error
An error response returned when the request is unsuccessful.
Name | Description | Schema |
---|---|---|
code required | An error code that identifies the type of error that occurred. | string |
message required | A message that describes the error condition. | string |
details optional | Additional details that can help the caller understand or fix the issue. | string |
# ErrorList
A list of error responses returned when a request is unsuccessful.
Name | Schema |
---|---|
errors optional | < Error > array |
# Method
The HTTP method in the restricted resource.
Type: enum
Value | Description |
---|---|
GET | The GET method. |
PUT | The PUT method. |
POST | The POST method. |
DELETE | The DELETE method. |