Download the PHP package ansas/amazon-selling-partner-api without Composer

Selling Partner API for PHP

A PHP library for connecting to Amazon's Selling Partner API.

	This package is developed and maintained as part of Highside Labs. If you need support integrating with Amazon's (or any other e-commerce platform's) APIs, we're happy to help! Shoot us an email at [email protected]. We'd love to hear from you :)

If you've found this library useful, please consider becoming a Sponsor, or making a one-time donation via the button below. I appreciate any and all support you can provide!

Features

• Supports all Selling Partner API operations (for Sellers and Vendors) as of 11/13/2022 (see here for links to documentation for all calls)
• Supports applications made with both IAM user and IAM role ARNs (docs)
• Automatically generates Restricted Data Tokens for all calls that require them -- no extra calls to the Tokens API needed
• Includes a Document helper class for uploading and downloading feed/report documents

Sponsors

• Tesmo

Installation

composer require ansas/selling-partner-api

Table of Contents

Check out the Getting Started section below for a quick overview.

This README is divided into several sections:

• Setup
  • Configuration options
• Examples
• Debug mode
• Supported API segments
  • Seller APIs
  • Vendor APIs
• Restricted operations
• Uploading and downloading documents
  • Downloading a report document
  • Uploading a feed document
  • Downloading a feed result document
• Working with model classes
• Response headers
• Custom request authorization
• Custom request signing

Getting Started

Prerequisites

You need a few things to get started:

• A Selling Partner API developer account
• An AWS IAM user or role configured for use with the Selling Partner API
• A Selling Partner API application

If you're looking for more information on how to set those things up, check out this blog post. It provides a detailed walkthrough of the whole setup process.

Setup

The Configuration constructor takes a single argument: an associative array with all the configuration information that's needed to connect to the Selling Partner API:

If you created your Selling Partner API application using an IAM role ARN instead of a user ARN, pass that role ARN in the configuration array:

Getter and setter methods exist for the Configuration class's lwaClientId, lwaClientSecret, lwaRefreshToken, awsAccessKeyId, awsSecretAccessKey, and endpoint properties. The methods are named in accordance with the name of the property they interact with: getLwaClientId, setLwaClientId, getLwaClientSecret, etc.

$config can then be passed into the constructor of any SellingPartnerApi\Api\*Api class. See the Example section for a complete example.

Configuration options

The array passed to the Configuration constructor accepts the following keys:

• lwaClientId (string): Required. The LWA client ID of the SP API application to use to execute API requests.
• lwaClientSecret (string): Required. The LWA client secret of the SP API application to use to execute API requests.
• lwaRefreshToken (string): The LWA refresh token of the SP API application to use to execute API requests. Required, unless you're only using the Configuration instance to call grantless operations.
• awsAccessKeyId (string): Required. AWS IAM user Access Key ID with SP API ExecuteAPI permissions.
• awsSecretAccessKey (string): Required. AWS IAM user Secret Access Key with SP API ExecuteAPI permissions.
• endpoint (array): Required. An array containing a url key (the endpoint URL) and a region key (the AWS region). There are predefined constants for these arrays in lib/Endpoint.php: (NA, EU, FE, and NA_SANDBOX, EU_SANDBOX, and FE_SANDBOX. See here for more details.
• accessToken (string): An access token generated from the refresh token.
• accessTokenExpiration (int): A Unix timestamp corresponding to the time when the accessToken expires. If accessToken is given, accessTokenExpiration is required (and vice versa).
• onUpdateCredentials (callable|Closure): A callback function to call when a new access token is generated. The function should accept a single argument of type SellingPartnerApi\Credentials.
• roleArn (string): If you set up your SP API application with an AWS IAM role ARN instead of a user ARN, pass that ARN here.
• authenticationClient (GuzzleHttp\ClientInterface): Optional GuzzleHttp\ClientInterface object that will be used to generate the access token from the refresh token
• tokensApi (SellingPartnerApi\Api\TokensApi): Optional SellingPartnerApi\Api\TokensApi object that will be used to fetch Restricted Data Tokens (RDTs) when you call a restricted operation
• authorizationSigner (SellingPartnerApi\Contract\AuthorizationSignerContract): Optional SellingPartnerApi\Contract\AuthorizationSignerContract implementation. See Custom Authorization Signer section
• requestSigner (SellingPartnerApi\Contract\RequestSignerContract): Optional SellingPartnerApi\Contract\RequestSignerContract implementation. See Custom Request Signer section.

Examples

This example assumes you have access to the Seller Insights Selling Partner API role, but the general format applies to any Selling Partner API request.

Debug mode

To get debugging output when you make an API request, you can call $config->setDebug(true). By default, debug output goes to stdout via php://output, but you can redirect it a file with $config->setDebugFile('<path>').

Supported API segments

Each API class name contains the API's version. This allows for multiple versions of the same API to be accessible in a single version of this package. It makes the class names a little uglier, but allows for simultaneously using new and old versions of the same API segment, which is often useful. The uglier names can be remedied by formatting use statements like so:

It also means that if a new version of an existing API is introduced, the library can be updated to include that new version without introducing breaking changes.

Seller APIs

• A+ Content API (2020-11-01)
• Authorization API (V1)
• Catalog Items API (2022-04-01)
• Catalog Items API (2021-12-01)
• Catalog Items API (V0)
• EasyShip API (2022-03-23)
• FBA Inbound API (V0)
• FBA Inbound Eligibility API (V1)
• FBA Inventory API (V1)
• FBA Outbound API (2020-07-01)
• Feeds API (2021-06-30)
• Fees API (V0)
• Finances API (V0)
• Listings API (2021-08-01)
• Listings Restrictions API (2021-08-01)
• Merchant Fulfillment API (V0)
• Messaging API (V1)
• Notifications API (V1)
• Orders API (V0)
• Product Pricing API (V0)
• Product Pricing API (V2022-05-01)
• Product Type Definitions API (2020-09-01)
• Reports API (2021-06-30)
• Sales API (V1)
• Sellers API (V1)
• Service API (V1)
• Shipment Invoicing API (V0)
• Shipping API (V1)
• Shipping API (V2)
• Small and Light API (V1)
• Solicitations API (V1)
• Restricted Data Tokens API (2021-03-01)
• Uploads API (2020-11-01)

Vendor APIs

• Direct Fulfillment Inventory API (V1)
• Direct Fulfillment Orders API (V1)
• Direct Fulfillment Orders API (2021-12-28)
• Direct Fulfillment Payments API (V1)
• Direct Fulfillment Sandbox API (2021-10-28)
• Direct Fulfillment Shipping API (V1)
• Direct Fulfillment Shipping API (2021-12-28)
• Direct Fulfillment Transactions API (V1)
• Direct Fulfillment Transactions API (2021-12-28)
• Invoices API (V1)
• Orders API (V1)
• Shipping API (V1)
• Transaction Status API (V1)

Restricted operations

When you call a restricted operation, a Restricted Data Token (RDT) is automatically generated. If you're calling a restricted operation that accepts a dataElements parameter, you can pass dataElements values as a parameter to the API call. Check out the getOrders, getOrder, and getOrderItems documentation to see how to pass dataElements values to those calls. (At the time of writing, those are the only restricted operations that accept dataElements values.)

Uploading and downloading documents

The Feeds and Reports APIs include operations that involve uploading and downloading documents to and from Amazon. Amazon encrypts all documents they generate, and requires that all uploaded documents be encrypted. The SellingPartnerApi\Document class handles all the encryption/decryption, given an instance of one of the Model\ReportsV20210630\ReportDocument, Model\FeedsV20210630\FeedDocument, or Model\FeedsV20210630\CreateFeedDocumentResponse classes. Instances of those classes are in the response returned by Amazon when you make a call to the getReportDocument, getFeedDocument, and createFeedDocument endpoints, respectively.

Downloading a report document

If you are manipulating huge reports you can use downloadStream() to minimize the memory consumption. downloadStream() will return a Psr\Http\Message\StreamInterface.

Uploading a feed document

If you are manipulating huge feed documents you can pass to upload() anything that Guzzle can turn into a stream.

Downloading a feed result document

This works very similarly to downloading a report document:

Working with model classes

Most operations have one or more models associated with it. These models are classes that contain the data needed to make a certain kind of request to the API, or contain the data returned by a given request type. All of the models share the same general interface: you can either specify all the model's attributes during initialization, or set each attribute after the fact. Here's an example using the Service API's Buyer model (docs, (source).

The Buyer model has four attributes: buyer_id, name, phone, and is_prime_member. (If you're wondering how you would figure out which attributes the model has on your own, check out the docs link above.) To create an instance of the Buyer model with all those attributes set:

Alternatively, you can create an instance of the Buyer model and then populate its fields:

Each model also has the property accessors you might expect:

Models can (and usually do) have other models as attributes:

Response headers

Amazon includes some useful headers with each SP API response. If you need those for any reason, you can get an associative array of response headers by calling getHeaders() on the response object. For instance:

Custom Authorization Signer

You may need to do custom operations while signing the API request. You can create a custom authorization signer by creating an implementation of the AuthorizationSignerContract interface and passing it into the Configuration constructor array.

Custom Request Signer

You may also need to customize the entire request signing process – for instance, if you need to call an external service in the process of signing the request. You can do so by creating an implementation of the RequestSignerContract interface, and passing an instance of it into the Configuration constructor array.