Setting up Amazon SP-API Notification API

Question

Trying to set up Amazon SP-API Notifications Api but I am running into a few issues

I have setup everything up to creating a destination and subscription for SQS. After completing that part, I am now stuck on how to get the information to a specific endpoint that I want. I also cant seem to figure out how will I pass in MFN_ORDER_STATUS_CHANGE to get all the necessary information from the SQS.

Answer 1

ToddT, They mention in docs https://developer-docs.amazon.com/sp-api/docs/notifications-api-v1-use-case-guide#step-2-create-a-destination

Calling the createDestination operation does not require authorization from any selling partner. In this respect, this operation is a "grantless" operation and has a different authorization model from most other Selling Partner API operations.

POST https://sellingpartnerapi-na.amazon.com/notifications/v1/destinations
{
  "name": "YourDestinationName",
  "resourceSpecification":
  {
    "sqs":
    {
      "arn": "arn:aws:sqs:us-east-2:444455556666:queue1"
    }
  }
}

https://developer-docs.amazon.com/amazon-shipping/docs/grantless-operations

Answer 2

Amr, Hey, I'm putting this here so you can see my code and maybe see what I'm doing wrong. As I can use postman like a champ. And the API works just fine, but when I translate to my own code it fails every time, and I have no idea why..

Here goes. I'll just put in everything here

module CreateSqsSubscriptionService
  module_function
  require 'faraday_middleware/aws_sigv4'

  def call
    @destination_url = "https://sellingpartnerapi-na.amazon.com/notifications/v1/destinations"
    @body = {
      "name": "Todd",
      "resourceSpecification": {
        "sqs": {
          "arn": "arn of the queue I'm setting up"
        }
      }
    }
    get_lwa_access_token
    request_temp_keys
    create_destination
  end

I can get the LWA access token just fine like this:

  def get_lwa_access_token
    response = Typhoeus.post("https://api.amazon.com/auth/o2/token", body: {
      grant_type: "client_credentials",
      client_id: "lwa id for the app",
      client_secret: "lwa secret for the app",
      scope: "sellingpartnerapi::notifications"
    })
    @access_token = JSON.parse(response.body)["access_token"]
  end

Then these temp keys are great too

def request_temp_keys
sts_client = Aws::STS::Client.new(
  region: "us-east-1",
  credentials: Aws::Credentials.new("ID", "secret")
)

@temp_credentials = sts_client.assume_role({
  role_arn: "arn for SellerAPIRole set in IAM",
  role_session_name: "SPSession"
}).to_h[:credentials]

@temp_credentials #this includes the [:access_key_id] [:secret_access_key] AND [:session_token]
end

Ok, all good to this point. But this is where it fails:

  def create_destination

    conn = Faraday.new(url: 'https://sellingpartnerapi-na.amazon.com') do |faraday|
    faraday.request :aws_sigv4,
            credentials: Aws::Credentials.new(@temp_credentials[:access_key_id], @temp_credentials[:secret_access_key], @temp_credentials[:session_token]),
            service: 'execute-api',
            region: 'us-east-1'
    faraday.adapter Faraday.default_adapter
  end

  response = conn.post('/notifications/v1/destinations') do |req|
      req.headers["x-amz-access-token"] = @access_token
      req.body = @body.to_json
  end

  pp response
 end

Yea all I ever get is "Access token is missing in the request header"

But of course when I look at the request, its definitely NOT missing.. Love it!