Get authorization to access PII for bulk orders

Learn how to use the Tokens API to access PII for bulk orders. The dataElements values that you specify (using the restrictedResources parameter of the createRestrictedDataToken operation) determine the type of restricted data that the RDT authorizes your application to access. In this tutorial we request an RDT that authorizes access to both buyer information and shipping address information.

Prerequisites

To complete this tutorial, you need:

• Authorization from the selling partner for whom you are making calls. Refer to Authorizing Selling Partner API applications for more information.

• Approval for the following roles:

  • Direct-to-consumer shipping. Required to access shipping address information.
  • Tax remittance. Required to access buyer information.
  • Tax invoicing. Required to access buyer information.

  To request access to these roles, refer to Registering as a developer and update your developer profile.

Step 1. Get an RDT

1. Call the createRestrictedDataToken operation.

2. Save the restrictedDataToken value (the RDT) to use in Step 2. Include the RDT with a call to the getOrders operation

Step 2. Include the RDT with a call to the getOrders operation

Call the getOrders operation of the Orders API, specifying the appropriate parameters to filter for the orders that you want. Be sure to include the RDT from Step 1. Get an RDT in the x-amz-access-token header of your call to getOrders. Because you specified both buyerInfo and shippingAddress in Step 1. Get an RDT, your call to getOrders is authorized to return both buyer information and shipping address information for each order. Had you specified only buyerInfo in Step 1, getOrders would be authorized to return only buyer information for each order. Had you specified only shippingAddress in Step 1, getOrders would be authorized to return only shipping address information for each order.