Authorization Errors
Describes common error codes and messages related to SP-API authorization.
Application authorization is required for integrating with the Selling Partner API. During this process, you might encounter error codes and error messages. The following troubleshooting tips can help unblock you if you encounter errors during the process.
For additional guidance, refer to the SP-API Errors FAQ.
Error codes
The following table provides common error codes that you might encounter with application authorization.
Error code | Cause | Steps to resolve |
---|---|---|
MD1000 | This error returns when OAuth production workflow is authorizing an SP-API application that is in draft state. | Add the
After your application is published, you can remove the
|
MD5101 | This error returns when the redirect URL provided during OAuth authorization does not match one of the redirect URLs listed for the SP-API application. | Verify that you are using the correct redirect URL. In Seller Central: From the Seller Central menu, choose Apps and Services, then choose Develop Apps. Choose Edit App next to the app you'd like to verify. Verify the OAuth Redirect URI listed in the console and the redirect URL of the page where you received the error match. If the URLs do not match, add the redirect URL to the console. If you are using the published version of your app, make sure you publish the update. |
MD5110 | This error returns when the URL Redirect contains fragments. For more details, refer to section 3.1.2 of the OAuth 2.0 Authorization Framework. | Check the redirect URL for fragments. In Seller Central: From the Seller Central menu, choose Apps and Services, then choose Develop Apps. Choose Edit App next to the app you'd like to verify. Verify the redirect URL is valid syntactically and does not contain fragment characters such as # . |
MD9010 | This error returns when there is no MWS developer ID associated with the region where you are authorizing your MWS or hybrid application. | Verify that your app is published and that the MWS developer ID is valid for the region where you are authorizing your application. In Seller Central: From the Seller Central menu, choose Apps and Services, then choose Develop Apps. Choose Edit App next to the app you'd like to verify. Verify the app is in a published state. Verify a valid MWS developer ID is listed for the region where you are authorizing your MWS or hybrid application. |
MD9100 | This error returns when your SP-API application is missing Login URI and Redirect URI information. | Update your app Login URI and Redirect URI. In Seller Central: From the Seller Central menu, choose Apps and Services, then choose Develop Apps. Choose Edit App next to the app you'd like to verify. Update the OAuth Login URI and OAuth Redirect URI details. |
500 | This error returns due to errors in the header. | Check that the Content-Type header is set to application/x-www-form-urlencoded and the request parameters are added to the body, and not as query parameters. |
Error messages
The following table provides common error messages that you might encounter with application authorization.
Error message | Possible scenarios |
---|---|
Credential should be scoped to a valid region | In the signature, make sure that the AWS Region you added to the credentials scope and the region of the endpoint you are sending the request match. Refer to Selling Partner API Endpoints to identify which AWS Region you should use for your respective selling region. |
Access to requested resource is denied | Access denied error messages returns due to Unauthorized errors or MissingAuthenticationToken errors. |
Unauthorized | An Unauthorized with status code 403 error returns for the following scenarios:
|
MissingAuthenticationToken | As Selling Partner API uses the AWS Signature Version 4 signing process for authenticating requests, make sure to sign the HTTP requests using your AWS access keys. If you used AWS STS to request a set of temporary AWS access keys to sign your requests, verify that you are using the requested temporary AWS keys. For additional resources, refer to the AWS Selling Partner API QuickStart and example code. |
Updated about 2 months ago