I am trying to use Amazon's new Selling Partner API to access a direct fulfillment / vendor central account. I have followed the documentation to the best of my ability but I can't get a simple po request call to work. Here is all of the elements from my request. I am at a loss what if any part is actually wrong. I don't know of any way of testing all the elements for validity like you can with the Amazon MWS scratchpad.
canonical request
GET
/vendor/directFulfillment/orders/v1/purchaseOrders
createdAfter=2020-10-05T23%3A00%3A00-08%3A00&createdBefore=2020-10-09T23%3A00%3A00-08%3A00
host:sellingpartnerapi-na.amazon.com
user-agent:My, Selling, Tool/1.0, (Language=C#.NET; Platform=Windows/10)
x-amz-access-token:Atza|IwEBIG0G7EXAMPLE
x-amz-date:20201014T193028Z
host;user-agent;x-amz-access-token;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
string to sign
AWS4-HMAC-SHA256
20201014T193352Z
20201014/us-east-1/execute-api/aws4_request
d8efa99344ee27ae5505888ac5069f78734af9a95637485396274f8e773e2784
credential scope
20201014/us-east-1/execute-api/aws4_request
authorization header
AWS4-HMAC-SHA256 Credential=AKIAUEXAMPLE/20201014/us-east-1/execute-api/aws4_request, SignedHeaders=host;user-agent;x-amz-access-token;x-amz-date, Signature=cab976c4d1d2546328e19ff2314f888d0c4b25da4d36f66e53a6614c37b92dff
Here is the error response we are getting.
{Connection: keep-alivex-amzn-RequestId: 728bd01f-32ec-49d3-b845-558f4970014ax-amzn-ErrorType: InvalidSignatureExceptionx-amz-apigw-id: Uaxq-G6MoAMF6Cg=Date: Wed, 14 Oct 2020 20:44:02 GMT}
The error response showing your signature is not right. Also, you can test easier API to test the connection with your AWS.
Try this one, product-pricing-api, https://github.com/amzn/selling-partner-api-docs/blob/main/references/product-pricing-api/productPricingV0.md
First, using refresh_token and grant_type(refresh_token) send post to https://api.amazon.com/auth/o2/token and get the access_token;
Second, create a request, and addHeader.
Request request = new Request.Builder()
.url("https://sellingpartnerapi-na.amazon.com/products/pricing/v0/price?MarketplaceId=A2EUQ1WTGCTBG2&Skus="+sku+"&ItemType=Sku")
.method("GET", null)
.addHeader("x-amz-access-token","your token")
.build();
Third, using this utils AWSSigV4Signer.java to sign your request. Reference with "Step 1. Configure your AWS credentials" and "Step 2. Configure your AWS credentials provider" https://github.com/amzn/selling-partner-api-docs/blob/main/guides/en-US/developer-guide/SellingPartnerApiDeveloperGuide.md
AWSSigV4Signer awsSigV4Signer = new AWSSigV4Signer(awsAuthenticationCredentials,awsAuthenticationCredentialsProvider);
request = awsSigV4Signer.sign(request);
Your header should be add those information SignedHeaders=host;x-amz-access-token;x-amz-date;x-amz-security-token
x-amz-access-token: Atza|...
X-Amz-Security-Token: FwoGZX...
Host:sellingpartnerapi-na.amazon.com
X-Amz-Date:20201014T193352Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAUEXAMPLE/20201014/us-east-1/execute-api/aws4_request, SignedHeaders=host;x-amz-access-token;x-amz-date;x-amz-security-token, Signature= {your signature}
Related
I have a sendgrid account which includes 7 days of email history.
I try to get these with the api command:
var sendgridtask = sendgridclient.RequestAsync(method: SendGrid.SendGridClient.Method.GET, urlPath: "messages?limit=10");
but this gives the response:
{"errors":[{"message":"authorization required"}]}
I guess the api key isn't correct, but when I try to execute the command:
var sendgridtask = sendgridclient.RequestAsync(method: SendGrid.SendGridClient.Method.GET, urlPath: "suppression/bounces/" + email);
it gives no error and responses the right info.
I checked the api key and it has full access.
I've also tried:
sendgridclient.AddAuthorization(new KeyValuePair<string, string>("Authorization", $"Bearer {apiKey}"));
but this gives the same response
Do you know what I am doing wrong?
Already got an answer from SendGrid:
Unfortunately in order to gain access to the Email Activity Feed API, you must purchase additional email activity history.
Or you can use our event webhook for your activity. https://sendgrid.com/docs/for-developers/tracking-events/getting-started-event-webhook/
So it seems that our license included history is only accessible from the SendGrid website, not from the API without an additional license.
We have our master Stripe account, and custom / connected accounts which we eventually want to transfer funds to, and then payout to their external bank accounts.
I have some code that works without issue in test mode, but on production we get an exception when doing the payout step. The error details are:
Stripe.StripeException: Cannot create payouts with an OAuth key.
at Stripe.Infrastructure.Requestor.ExecuteRequest(HttpRequestMessage requestMessage)
at Stripe.Infrastructure.Requestor.PostString(String url, StripeRequestOptions requestOptions)
As far as I know, we are not using an OAuth key for this request, as I set up the StripeAPI with the secret key in Startup.cs of our MVC web application:
StripeConfiguration.SetApiKey("sk_live_**************");
And the actual code to attempt the payout:
StripePayoutService sps = new StripePayoutService();
StripeRequestOptions connectRequest = new StripeRequestOptions();
connectRequest.StripeConnectAccountId = stripeConnectID; //"acct_*********"
StripePayoutCreateOptions spco = new StripePayoutCreateOptions();
spco.Amount = (int)(amount * 100);
spco.Currency = "GBP";
spco.StatementDescriptor = reference;
StripePayout result = sps.Create(spco, connectRequest);
I've specified the connected account id on the stripe request options and the Api Key in initialization, so what is causing the request to complain about OAuth credentials, or what am I missing / doing wrong in this scenario?
It turns out due to an edge case, as the wrong Stripe key was being used, so the OAuth key error message was a red herring. I would recommend anyone investigating an issue similar to this to check:
the request details (via the request id) in the api/logs section on the stripe dashboard, and that a request exists against the appropriate Stripe account
there are enough funds / the transfer succeeded, prior to the payout being requested
You are not doing anything wrong here. Its completely correct just available amount for payout is not available in test data of connect account. Do a test transaction and add amount to stripe test account. It should work fine.
I've been attempting to process a very simple express checkout Sandbox transaction using the C# Paypal API, but keep getting a session timeout error on the Paypal website after the redirect.
I should emphasize that I get a successful ACK response from SetExpressCheckout along with a Token string.
Here is an example of the checkout URL I've been trying to redirect to:
https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=EC-9RY2628262462061J
My return address is localhost, but I couldn't see anywhere that this would be a problem in Sandbox.
On trying to redirect to the Sandbox I arrive not at the checkout URL but at this address:
https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_flow&SESSION=CzvBHQErPEHw5gOt51FV88G_4L9HUCLypeGkwVZLW6mkWsZOofIpFR2K6Aa&dispatch=50a222a57771920b6a3d7b606239e4d529b525e0b7e69bf0224adecfb0124e9b61f737ba21b081984719ecfa9a8ffe80733a1a700ced90ae
And see the following error message:
"This transaction has expired. Please return to the recipient's website to complete your transaction using their regular checkout flow."
How can the transaction be timing out when [1] I have a successful API response along with a token and [2] I literally redirect there immediately after getting the token.
Does anyone have any idea what's going on here?
If it helps here is the C# I wrote to access the API. As noted, I get a success ACK response plus a token.
try
{
var details = ToPaymentDetails(data);
var request = new SetExpressCheckoutReq();
request.SetExpressCheckoutRequest = new SetExpressCheckoutRequestType
{
SetExpressCheckoutRequestDetails = details,
Version = Version
};
var result = await client.SetExpressCheckoutAsync(credentials, request);
var response = result.SetExpressCheckoutResponse1;
FailOnError(response);
return Result.Success(response.Token);
}
catch (Exception ex)
{
return Result.Error<string>("Received an error from Paypal.SetExpressCheckout.", exception: ex);
}
The EC token only last for 3 hours. You will have to recall the SetEC API to get a new EC token and proceed with the checkout flow.
I am not closer to understanding why the SOAP API call generates a token that is rejected by Paypal, but I found that I was able to reach the Sandbox payment page if I used the SDK to generate a payment.
This hasn't exactly been an enlightening or educational experience ...
I wonder if it is possible to get a permanent access token for personal use on Reddit?
It will only be me using the App.
For users, the access token expires after 1 hour.
My using the below information that I have about my client-id and secret, I put up a start attempt of trying to get an access token. (MessageBox show "Error 401")
If a user will get a token, one have to click "Allow" in the browser. Very well described here. https://github.com/reddit/reddit/wiki/OAuth2
This it NOT what I am after. I am after for, personal use, an access token only through code. Is this possible?
String requestUrl = "https://ssl.reddit.com/api/v1/access_token";
RestSharp.RestClient rc = new RestSharp.RestClient();
RestSharp.RestRequest request = new RestSharp.RestRequest(requestUrl, RestSharp.Method.POST);
request.AddHeader("Content-Type", "application/json");
//request.AddHeader("Authorization", ""); //???
request.AddHeader("x-li-format", "json");
request.AddParameter("client_id", "abcdefg");
request.AddParameter("client_secret", "abc123-456");
request.AddParameter("grant_type", "abc123-456");
request.AddParameter("scope", "identity");
request.AddParameter("state", "adhasegw"); //whatever value
request.AddParameter("duration", "permanent");
request.AddParameter("redirect_uri", "http://mywebsite.co");
request.RequestFormat = RestSharp.DataFormat.Json;
RestSharp.RestResponse restResponse = (RestSharp.RestResponse)rc.Execute(request);
RestSharp.ResponseStatus responseStatus = restResponse.ResponseStatus;
MessageBox.Show(restResponse.Content.ToString() + "," + responseStatus.ToString());
As of right now, you cannot retrieve a permanent access token. You have 2 options that come close.
The first is to request a "refresh" token when using the standard OAuth flow. That's what you're doing by sending "duration" as "permanent" in your code. The refresh token can be used to automatically retrieve new 1 hour access tokens without user intervention; the only manual steps are on the initial retrieval of the refresh token.
The second alternative, which applies only when writing a script for personal use, is to use the password grant type. The steps are described in more detail on reddit's "OAuth Quick Start" wiki page, but I'll summarize here:
Create an OAuth client (under https://www.reddit.com/prefs/apps) with type = "script"
Make a request to https://www.reddit.com/api/v1/access_token with POST parameters grant_type=password&username=<USERNAME>&password=<PASSWORD>. Send your client ID and secret as HTTP basic authentication. <USERNAME> must be registered as a developer of the OAuth 2 client ID you send.
A client_id and client_secret can be generated for a reddit account by going to https://www.reddit.com/prefs/apps and creating an app:
The part I have hidden is my client_id.
Then you can use a client like praw to access reddit e.g. with Python:
import praw
r = praw.Reddit(client_id='insert id here',
client_secret='insert secret here',
user_agent='insert user agent')
page = r.subreddit('aww')
top_posts = page.hot(limit=None)
for post in top_posts:
print(post.title, post.ups)
You could use your current browser's user agent, which can be easily found by google searching "what is my user agent" (among other ways).
I'm trying to connect my website to the Paypal Sandbox in order to use the Express Checkout feature. I've used this link as reference but i keep getting the 10002 Error "Security header is not valid".
From the documentation this has to be a invalid credentials problem but if i made the request manually through soapUI it returns "Sucess", if i use the curl command it also works as expected.
Scenario: ASP.NET page with two Web References one to https://www.sandbox.paypal.com/wsdl/PayPalSvc.wsdl and another to https://www.paypalobjects.com/wsdl/PayPalSvc.wsdl, the given credentials are Username, Password and Signature as you can see in the following code snippet:
using CloudShop.com.paypal.sandbox.www;
namespace CloudShop
{
public static PayPalAPIAASoapBinding BuildPayPalWebservice()
{
UserIdPasswordType credentials = new UserIdPasswordType()
{
Username = CloudShopConf.PayPalAPIUsername,
Password = CloudShopConf.PayPalAPIPassword,
Signature = CloudShopConf.PayPalAPISignature
};
PayPalAPIAASoapBinding paypal = new PayPalAPIAASoapBinding();
paypal.RequesterCredentials = new CustomSecurityHeaderType()
{
Credentials = credentials
};
return paypal;
}
Right now i would like to know how to proceed with the debug. What could be wrong?
Some ideas:
Check if you are using the Live-Credentials for the sandbox account.
Are you using https://api-3t.sandbox.paypal.com/2.0/ (especially the -3t part) as the endpoint? You should as you are using Signature authentication.
As usual, you should step through every setting you are using: protocol, API Endpoint, Version, Credentials etc. and compare you're manual SoapUI call with the information stored in you shop configuration.
I also found a blog article on this error that might help resolving this issue.