主页文档代码示例API 参考公告模型发行说明常见问题GitHub视频
开发者中心API 状态支持
文档
开发者中心API 状态支持

授权错误

介绍与 SP-API 授权相关的常见错误代码和消息。

要与销售伙伴 API 集成,需要获得应用程序授权。在此过程中,您可能会遇到错误代码和错误消息。如果您在该过程中遇到错误,以下故障排除技巧可以帮助您解除障碍。

For additional guidance, refer to the SP-API Errors FAQ.

错误代码

下表提供了在应用程序授权时可能遇到的常见错误代码。

错误代码原因解决步骤
MD1000

当 OAuth 生产工作流程授权处于草稿状态的 SP-API 应用程序时,会返回此错误。

version=beta 参数添加到 OAuth 授权 URI:

https://sellercentral.amazon.com/apps/authorize/consent?application_id=appidexample&state=stateexample&version=beta

应用程序发布后,您可以移除 version=beta 参数。

MD5101当 OAuth 授权期间提供的重定向 URL 与 SP-API 应用程序列出的某个重定向网址不匹配时,将返回此错误。Verify that you are using the correct redirect URL.
In Seller Central:
From the Seller Central menu, choose Apps and Services, then choose Develop Apps. Choose Edit App next to the app you'd like to verify. Verify the OAuth Redirect URI listed in the console and the redirect URL of the page where you received the error match. If the URLs do not match, add the redirect URL to the console. If you are using the published version of your app, make sure you publish the update.
MD5110This error returns when the URL Redirect contains fragments.
For more details, refer to section 3.1.2 of the OAuth 2.0 Authorization Framework.
Check the redirect URL for fragments. In Seller Central:
From the Seller Central menu, choose Apps and Services, then choose Develop Apps. Choose Edit App next to the app you'd like to verify. Verify the redirect URL is valid syntactically and does not contain fragment characters such as #.
MD9100当您的 SP-API 应用程序缺少登录 URI 和重定向 URI 信息时,会返回此错误。 Update your app Login URI and Redirect URI. In Seller Central:
From the Seller Central menu, choose Apps and Services, then choose Develop Apps. Choose Edit App next to the app you'd like to verify. Update the OAuth Login URI and OAuth Redirect URI details.
500此错误是由于标头中存在错误而返回。 检查 Content-Type 标头是否设置为 application/x-www-form-urlencoded,请求参数是否已添加到正文中,而不是作为查询参数。

错误消息

下表提供了在应用程序授权时可能遇到的常见错误消息。

错误消息可能的情况
Credential should be scoped to a valid regionIn the signature, make sure that the AWS Region you added to the credentials scope and the region of the endpoint you are sending the request match. Refer to Selling Partner API Endpoints to identify which AWS Region you should use for your respective selling region.
Access to requested resource is denied由于 Unauthorized 错误或 MissingAuthenticationToken 错误,返回拒绝访问的错误消息。
UnauthorizedAn Unauthorized with status code 403 error returns for the following scenarios:
- Region mismatch: Ensure that the seller account you are making a request to and the request endpoint are in the same region. The Selling Partner application is global but seller accounts are not. Refer to SP-API Endpoints for more information.
- API access: Ensure that your application has access to the API operation you are using. To verify role permissions in Solution Provider Portal, choose Edit App next to the app you'd like to verify and review the roles selected for your application. - Missing SP-API Role: If you are missing the role you need for API access, check your Developer Profile to verify you have requested access to that role. If you are missing access to a restricted role, you might need to re-submit your Developer Profile to get access to that restricted role. After the role is added, re-authorize your application (that is, generate a new Login With Amazon (LWA) refresh token to make valid API calls). For more information, refer to Frequently Asked Questions in Roles in the Selling Partner API.
MissingAuthenticationTokenAs Selling Partner API uses the AWS Signature Version 4 signing process for authenticating requests, make sure to sign the HTTP requests using your AWS access keys. If you used AWS STS to request a set of temporary AWS access keys to sign your requests, verify that you are using the requested temporary AWS keys. For additional resources, refer to the AWS Selling Partner API QuickStart and example code.

此页面对您有帮助吗?