SP-API Roles FAQ

You request and qualify for SP-API roles through your developer profile. After you submit your developer profile, Amazon evaluates the information provided and approves or denies your request. If denied, you can address the reason for the denial and then resubmit your profile.

When you register your SP-API application, you can choose roles from among those that you requested (and were approved for) in your developer profile. If the role that you need is missing, you must update the roles in your developer profile to include the new role, and then resubmit your profile for evaluation by Amazon. If you are approved, the added role will be available to select for your application.

📘

Note

If you published a hybrid SP-API application, you must relist your application before reauthorization.

Review the role descriptions in this document to understand the purpose of each role, and to get examples of the resources and operations governed by each role.

To determine which role is required SP-API operation and type, refer to the following topics:

• Role Mappings for Operations
• Role Mappings for Types

The response to the request has an HTTP status code of 403, and the response body includes error information.

To add a new role after you publish your application, perform the following steps:

1. Go to your developer profile and submit the role that you want to add.
2. After your developer profile is approved, go to your application configuration and apply the newly approved role to your application. Save the changes and re-list the application.
3. After the application is approved, get new authorizations to generate a new refresh token that grants access to the API operations, reports, feeds, and notifications that the new role provides.