Renew Authorizations

Authorization allows your Selling Partner API (SP-API) application to call the SP-API on the selling partner's behalf. For security reasons, the selling partner must re-authorize your public application every 365 days, or anytime you add a role to your application.

This topic explains:

• How selling partners reauthorize your application.
• How to test your reauthorization workflow.

How selling partners reauthorize your application

To reauthorize your application, selling partners take the following steps:

1. Sign in to Seller Central.
2. Navigate to Manage Your Apps.
3. Find the application (or use the link from Amazon's reauthorization notice).
4. Choose Re-Authorize.
5. Review and accept the data access requested.
6. Complete the sign-in process on the developer's website (if required).

Prepare for reauthorization

Your application must:

• Handle the reauthorization process using OAuth, just like the initial authorization process. This process mirrors the Selling Partner Appstore authorization workflow.
• Process the authorization code and exchange it for new tokens.
• Update the stored refresh token for the selling partner.

Test your reauthorization workflow

It is important to test the reauthorization workflow to ensure that your application can exchange parameters with Amazon and receive authorization information. If this workflow is not set up correctly, existing sellers and vendors might lose access to your application when they try to reauthorize annually.

While your application is in Draft status, test the reauthorization workflows in the following scenarios:

• The selling partner enters the reauthorization flow when they are already logged into your website.
• The selling partner enters the reauthorization flow when they aren't logged into your website.

To test the reauthorization flow:

1. Use the Selling Partner Appstore authorization workflow or Website authorization workflow to create an initial authorization in your application.

   📘

   Note

   It's possible for the Draft and published versions of your application to be associated with different sets of roles. This happens when you haven't published your application after you add new roles. To get the latest set of roles, you must include version=beta in the authorization URI.

2. Visit the Manage Your Apps page within Seller Central or the Solution Provider Portal and choose the Re-authorize button to start the reauthorization workflow.

   If you're testing your workflow with a trusted selling partner, make sure that they log in to their selling partner account on Seller Central and navigate to the Manage Your Apps page to initiate the workflow.

   Amazon loads your log-in URI with similar parameters as in the Selling Partner Appstore authorization workflow. Your website should detect that this selling partner has an existing account and proceed with the authorization sequence (handle the authorization code and refresh the stored token).

   📘

   Note

   If your application is in Draft state, Amazon includes the version=beta parameter in authorization requests. This parameter is not included for published applications.