Register as a Public SP-API Developer
Complete the SP-API Developer Profile as a public developer.
This topic provides a registration overview for public SP-API vendor and seller developers. Public developers build applications that are publicly available and are authorized by sellers or vendors using OAuth.
In accordance with the Amazon Services API Developer Agreement, public developers must list their app in the Amazon Selling Partner Appstore.
Before you register, review the Registration recommendations in the SP-API Registration overview topic.
For more information about developer types, refer to Terminology, or watch the Getting Started videos.
Important
Only Professional Selling Accounts can register to develop or integrate with Selling Partner API. Individual accounts are not eligible. You can upgrade your account to a professional plan at any time.
You must be a primary account user to complete registration.
Public developer requirements
- All public developers are required to share a website URL that is publicly available and provides details about the services their application offers to Amazon Sellers. Websites that are not accessible, are under construction, have a security warning, or are login only are not accepted.
- All developers who want to build a publicly available application with restricted SP-API roles must go through an architecture review with the SP-API Solutions Architecture team. This review requires a detailed explanation of the application’s data flows and data protection controls for Personally Identifiable Information (PII). This process can involve a demo through screen sharing.
- Questions related to PII must be answered with as much detail as possible to support your developer use case.
Register as a seller or vendor developer
Complete the Developer Profile
The Developer Profile collects your organization’s contact information, information about the data you require in Amazon Services APIs, and security and use information to ensure your compliance with Amazon’s Acceptable Use Policy, Data Protection Policy, Developer Agreement, and access requirements.
Note
If you are an Amazon Marketplace Web Service developer with multiple developer IDs, you do not need to submit a separate Developer Profile for each developer ID.
After you complete the Developer Profile, Amazon will evaluate your information and create a case with next steps. You might be asked to provide additional information or documentation, so you must complete all fields truthfully and accurately.
Use the following steps to complete the Developer Profile.
-
Sign in to Seller Central. For regional URLs, refer to Seller Central URLs.
-
Open the menu, select Apps and Services, then choose Develop Apps.
-
If you have not yet completed a Developer Profile for your selling account, choose Proceed to Developer Profile. Otherwise, choose View profile.
-
Complete the developer registration form.
- Enter your Contact Information.
- Enter Data Access details.
- From the Data Access dropdown, choose Public Developer: I build and offer publicly available applications that are used by other sellers.
- If you are currently a developer, you must provide all of your organization's developer IDs, separated with commas.
- Select the Roles that apply to your application. For more information about Role definitions, refer to Roles in the Selling Partner API.
Applying for Restricted Roles
There are three Restricted (PII) Roles:
You must justify the use of each restricted role by describing the application or feature(s) you intend to build and why you require Personally Identifiable Information (PII) to do so.
-
Enter your Use Cases.
-
Enter your Security Controls.
Fill out the form thoroughly and to the best of your ability. These security questions are in place to ensure you have safety measures within your application and environment to secure Selling Partner data.
Review the Data Protection Policy and ensure that your answers to the free form questions are less than 500 characters.
-
Check the box confirming that you have read and agree to the Amazon Services API Developer Agreement, Acceptable Use Policy, and the Data Protection Policy.
-
Choose Register.
-
Wait for next steps. Case updates will be sent to the admin email address on file. If you are contacted for more information, you must respond within five days to prevent case closure. For more information, refer to Check the status of your request to register as a developer.
Developer Profile review
The decision to grant or deny Selling Partner API access is made based on the information that you provide in your Developer Profile, including but not limited to your application functionality and your compliance with the Acceptable Use Policy and the Data Protection Policy. We cannot disclose detailed information about how we determine Selling Partner API eligibility, but we prioritize data security in these decisions.
If you close or do not respond to questions about your case within five days, your case will be resolved and your SP-API access will remain unchanged.
Developer Profile review for Restricted (PII) Roles
If you applied for Restricted (PII) Roles as part of your Developer Profile, your application review will go through the following three stages:
Stage 1: Business criteria review
We review the developer application on a variety of technical and business criteria including business use-case, launch readiness, services offered that can be viewed on a public facing website, and supported geographies. If the developer fails at this stage we will reject the application and share a general denial blurb. The developers that meet these criteria must then go through rigorous security reviews with Amazon.
Stage 2: Information/security architecture questions
This step focuses on your free-form responses on information/security controls in place. If there are gaps identified, developers will be asked to provide additional information. After the developers are in compliance with our security policies on the form, they will be requested to provide detailed responses on fourteen additional security questions that are sent through an attachment.
Stage 3: Security architecture review (scheduled live meeting/demo)
In the final stage of evaluation, a live meeting is scheduled with the developer and a solution architect to review specific security topics based on the responses submitted. Upon completion of the meeting, if there are no open questions or security gaps, your Restricted access request will be approved. If more clarification or evidence is required, the developer must provide additional details before being considered for Restricted access. Note that all developers must make a successful call to Restricted API sections in order to maintain access to Restricted SP-API roles. Additionally, Amazon, Deloitte, or PWC might reach out to schedule a separate review (implementation phase) in 90+ days after the application has been running in production to confirm that data obtained from SP-API is handled in accordance with our policies.
To check the status of your registration request, refer to Check the status of your request to register as a developer.
Updated 4 months ago