#amazon sp-api with access denied with no details# 1.我已将其配置如下:
STS 策略 -> AWS 用户
SellingPartnerAPI 策略 -> IAM
使用 ROLE ARN 注册角色的应用程序
我需要获取客户详细信息(用于每天获取订单) 和订单详情,以下是我的代码。期待帮助。
{
"errors": [
{
"message": "Access to requested resource is denied.",
"code": "Unauthorized",
"details": ""
}
]
}
```
public string GetloginUrl(string redirectUrl, string state, string guid)
{
return string.Format("https://sellercentral.amazon.ca/apps/authorize/consent?application_id="+app_id+"&state="+state+ "&redirect_uri="+ redirect_uri+ "&version=beta");
}
public void SignWithAccessToken(string code)
{
var client22 = new RestClient("https://api.amazon.com/auth/o2/token");
client22.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddParameter("grant_type", "refresh_token");
request.AddParameter("client_id", client_id);
request.AddParameter("client_secret", client_secret);
request.AddParameter("code", code);
request.AddParameter("refresh_token",refresh_token);
IRestResponse response22 = client22.Execute(request);
var tokens = JObject.Parse(response22.Content);
AccessToken serStatus = JsonConvert.DeserializeObject<AccessToken>(response22.Content);
var resource = "/orders/v0/orders";
IRestRequest restRequest = new RestRequest(resource, Method.GET);
restRequest.AddParameter("createdAfter", DateTime.UtcNow.AddDays(-5).ToString("yyyy-MM-dd"), ParameterType.QueryString);
restRequest.AddParameter("createdBefore", DateTime.UtcNow.ToString("yyyy-MM-dd"), ParameterType.QueryString);
restRequest.AddQueryParameter("marketplaceIds", "ATVPDKIKX0DER");
var client = new RestClient("https://sellingpartnerapi-na.amazon.com");
var lwaAuthorizationCredentials = new LWAAuthorizationCredentials
{
ClientId = client_id,
ClientSecret = client_secret,
Endpoint = new Uri("https://api.amazon.com/auth/o2/token"),
RefreshToken = refresh_token,
};
restRequest= new LWAAuthorizationSigner(lwaAuthorizationCredentials).Sign(restRequest);
AssumeRoleResponse response1 = null;
using (var STSClient = new AmazonSecurityTokenServiceClient(accesskey, secretkey, RegionEndpoint.USEast1))
{
var req = new AssumeRoleRequest()
{
RoleArn = RoleARN,
DurationSeconds = 950,
RoleSessionName = Guid.NewGuid().ToString()
};
response1 = STSClient.AssumeRoleAsync(req, new CancellationToken()).Result;
}
//auth step 3
var awsAuthenticationCredentials = new AWSAuthenticationCredentials
{
AccessKeyId = response1.Credentials.AccessKeyId,
SecretKey = response1.Credentials.SecretAccessKey,
Region = "us-east-1"
};
restRequest.AddHeader("x-amz-security-token", response1.Credentials.SessionToken);
restRequest = new AWSSigV4Signer(awsAuthenticationCredentials).Sign(restRequest,client.BaseUrl.Host);
var response = client.Execute(restRequest);
}
```
不知道问题出在哪里