Access to requested resource is denied.

[SepuWeb]

Problem description:

Error:

errors": [ { "code": "Unauthorized", "message": "Access to requested resource is denied.", "details": "" } ] }

# Your error here. PLEASE make sure to redact secrets from your error log!

If I call VendorOrdersV1Api->getPurchaseOrders it works, so all security and rule and configuration are wright.

If I call these methods:
CatalogItemsV20220401Api->getCatalogItem
CatalogItemsV0Api->getCatalogItem
VendorDirectFulfillmentOrdersV20211228Api->getOrders

return the error:
{ "code": "Unauthorized", "message": "Access to requested resource is denied.", "details": "" }

Code

use Exception;
use Illuminate\Http\Request;
use SellingPartnerApi\Api\CatalogItemsV20220401Api;
use SellingPartnerApi\Api\VendorOrdersV1Api;
use SellingPartnerApi\Configuration;
use SellingPartnerApi\Endpoint;

class AmazonVendorController
{
 private function getConfiguration()
    {

        $config = new Configuration([
            "lwaClientId" => env('LWA_CLIENT_ID'),
            "lwaClientSecret" => env('LWA_CLIENT_SECRET'),
            "lwaRefreshToken" => env('LWA_REFRESH_TOKEN'),
            "awsAccessKeyId" => env('AWS_ACCESS_KEY_ID'),
            "awsSecretAccessKey" => env('AWS_SECRET_ACCESS_KEY'),
            "endpoint" => Endpoint::EU,
            "roleArn" => env('ROLE_ARN'),
        ]);

        return $config;
    }
$config = $this->getConfiguration();

        $apiInstance = new CatalogItemsV20220401Api($config);
        $marketplace_id = "APJ6JRA9NG5V4";
        
        try {
            $result = $apiInstance->getCatalogItem($marketplace_id, $asin);
            dd($result);
        } catch (Exception $e) {
            echo 'Exception when calling CatalogItemsV0Api->getCatalogItem: ', $e->getMessage(), PHP_EOL;
        }
}

Seller Central SP API config page screenshot

your screenshot here

[igormatkovic]

@SepuWeb did you ever get this sorted?

[SepuWeb]

no, in the end I switched to the official Amazon SDK.

[da-mask]

This sucks. I'm having a similiar issue with calling createShippingLabels on createShippingVendorDirectFulfillmentShippingV20211228Api . Maybe something is broken with adding RDT's to requests? Are you registered as a Private Developer too?

I'd be nervous working on a PR too, as @jlevers doesn't seem to have looked at this repo in a few months.

[cguweb-com]

correct, gentlemen.. I am having the same permissions issue trying to use RDT.

I can actually get it to at least successfully generate and return an RDT now, but what am I supposed to do with it? Just simply calling a RDT report straight afterwards doesn't seem to automagically send the correct access token (the RDT) as I was hoping, so I am lost.

Do I need to generate the RDT, then somehow tell the SDK to use it instead of normal access token? Do I simply pass it in the config array?

in /lib/Authentication.php, there is the getRestrictedDataToken method I call to successfully generate the RDT, and it appears to just pass it back, so I am stuck with how to use it after generating :(

in official docs, it says the RDT needs to be passed in the x-amz-access-token header, in place of the usual LWA token - ok, but using this library, how do we do that???

any suggestions or solutions would be greatly appreciated!

thanks
Chris