[URGENT]: Amazon MWS Key Reset Notification - 14 Day Notice


#21

@jeywalk I have asked for more information, but it’s all very vague. I’m expecting new credentials next week!

This is what they said a few days ago to me when I queried what was wrong:

You have either have shared your MWS credentials with others or is using other MWS users’ credentials to make API calls, which is identified as the incorrect authorization model and violates Amazon Acceptable Use Policy.

I really don’t believe I have!


#22

I simply answered the question that was asked to the best of my knowledge in an attempt to help the person who asked it.

My understanding of the purpose of these forums is to help each other, not attack each other. However, if you must, attack away! I find your attacks entertaining. :slight_smile:

Dynamic Enterprise Technologies Inc
Seattle Washington USA


#23

Just grant yourself an MWS auth token, I’m sure they sent this because you are sending naked signed (no token) MWS Requests…


#24

For most of time when making calls to my own seller account, I passed my seller id and it worked. More recently, I realized it does not matter what I pass for the MWSAuthToken when making calls to my own seller account. It can be blank, “abc”, or “xyz”, and it works. I came to the conclusion the value passed in the auth token field is ignored when you are calling your own seller account.

I did recently try authorizing my own developer ID under my own seller account. It seemed to work and I was provided an auth token. However, the developer ID and auth token were not later listed under my seller account like other developer authorizations were retained. In this experiment, I also passed the generated auth token in calls to my own seller account and those calls worked. However, since I had previously come to the conclusion that the auth token field is ignored when making calls to my own seller account, it was not surprising that it worked.

It would be interesting to know what each of the developers who received this email are passing for the MWSAuthToken field. If they are all passing blank, then I would agree putting a self-generated auth token in that field would be worth trying.

Dynamic Enterprise Technologies Inc
Seattle Washington USA