AmzSpApi - Unofficial Ruby gem for the Amazon Selling Partner API (SP-API)
This SDK is automatically generated by running Swagger Codegen on each model from https://github.com/amzn/selling-partner-api-models using the codegen.sh script.
Auto-generated documentation is nested here: This is a handy way to see all the API model class names and corresponding files you need to require for them, e.g. require 'finances-api-model' to use https://www.rubydoc.info/gems/amz_sp_api/AmzSpApi/FinancesApiModel/DefaultApi
but https://developer-docs.amazon.com/sp-api is more comprehensive.
Add the gem to your Gemfile as per https://rubygems.org/gems/amz_sp_api
Please follow the installation procedure and then run the following code, see sp_configuration.rb for all options:
# Load the gem and specific api model you'd like to use
require 'amz_sp_api'
require 'fulfillment-outbound-api-model'
AmzSpApi.configure do |config|
config.refresh_token =
config.client_id =
config.client_secret =
# either use these:
config.aws_access_key_id =
config.aws_secret_access_key =
# OR config.credentials_provider which is passed along to https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Sigv4/Signer.html, e.g.
# require 'aws-sdk-core'
# config.credentials_provider = Aws::STS::Client.new(
# region: AmzSpApi::SpConfiguration::AWS_REGION_MAP['eu'],
# access_key_id: ,
# secret_access_key:
# ).assume_role(role_arn: , role_session_name: SecureRandom.uuid)
config.region = 'eu'
config.timeout = 20 # seconds
# config.debugging = true
# optional lambdas for caching LWA access token instead of requesting it each time, e.g.:
config.save_access_token = -> (access_token_key, token) do
Rails.cache.write("SPAPI-TOKEN-#{access_token_key}", token[:access_token], expires_in: token[:expires_in] - 60)
end
config.get_access_token = -> (access_token_key) { Rails.cache.read("SPAPI-TOKEN-#{access_token_key}") }
end
begin
api = AmzSpApi::FulfillmentOutboundApiModel::FbaOutboundApi.new(AmzSpApi::SpApiClient.new)
p api.list_all_fulfillment_orders.payload
rescue AmzSpApi::ApiError => e
puts "Exception when calling SP-API: #{e}"
end
Configure as per above but also create a new client for each restrictedResources you need, e.g.:
require 'orders-api-model'
client = AmzSpApi::RestrictedSpApiClient.new({
'restrictedResources' => [
{
'method' => 'GET',
'path' => "/orders/v0/orders",
'dataElements' => ['buyerInfo', 'shippingAddress']
}
]
})
api_orders = AmzSpApi::OrdersApiModel::OrdersV0Api.new(client)
api_orders.get_orders(marketplace_ids, created_after: 1.day.ago.iso8601)
client = AmzSpApi::RestrictedSpApiClient.new({
'restrictedResources' => [
{
'method' => 'GET',
'path' => "/orders/v0/orders/#{my_order_id}",
'dataElements' => ['buyerInfo', 'shippingAddress']
}
]
})
api_orders = AmzSpApi::OrdersApiModel::OrdersV0Api.new(client)
api_orders.get_order(my_order_id)
# or you can use models AmzSpApi::RestrictedSpApiClient.new(AmzSpApi::TokensApiModel::CreateRestrictedDataTokenRequest.new(restricted_resources: [
AmzSpApi::TokensApiModel::RestrictedResource.new(...
This gem also offers encrypt/decrypt helper methods for feeds and reports, but actually using that API as per https://developer-docs.amazon.com/sp-api/docs/ requires the following calls, e.g. for feeds but reports is the same pattern:
feeds = AmzSpApi::FeedsApiModel::FeedsApi.new(AmzSpApi::SpApiClient.new)
response = feeds.create_feed_document({"contentType" => content_type})
# PUT to response.url with lowercase "content-type" header, it's already pre-signed
response = feeds.create_feed({"feedType" => feed_type, "marketplaceIds" => marketplace_ids, "inputFeedDocumentId" => response.feed_document_id})
response = feeds.get_feed(response.feed_id)
result_feed_document_id = response.result_feed_document_id # present once it is successful
response = feeds.get_feed_document(result_feed_document_id)
# GET response.url into compressed, again it's pre-signed so no authorization needed
report = AmzSpApi.inflate_document(compressed, response)
# you should capture the HTTP headers from downloading url as well since it's often Cp1252
report.force_encoding($1) if headers['Content-Type'] =~ /charset *= *([^;]+)/
CSV.parse(report, headers: true, col_sep: "\t", liberal_parsing: true) # if it's a CSV report type
Replace YOUR_APPLICATION_ID
and YOUR_REDIRECT_URI
with the appropriate information.
url = https://sellercentral.amazon.com/apps/authorize/consent?application_id=YOUR_APPLICATION_ID&state=<custom-state>&redirect_uri=YOUR_REDIRECT_URI
<a href=<%= url %>Authorize</a>
The state
parameter is optional, but useful for maintaining the state between the request and callback. The redirect_uri
should be a URL-encoded endpoint that the user will be redirected to after granting consent.
After authorizing your, you'll be redirected to the redirect_uri
, and the authorization code will be appended to it as a query parameter named spapi_oauth_code
. You should capture this code from the callback request at your redirect_uri
.
Write a Ruby function to exchange the authorization code for a refresh token.
def request_refresh_token(spapi_oauth_code)
body = {
code: spapi_oauth_code,
grant_type: 'authorization_code',
client_id: ENV['SP_API_CLIENT_ID'],
client_secret: ENV['SP_API_CLIENT_SECRET'],
redirect_uri: ENV['SP_API_REDIRECT_URI']
}
Faraday.post('https://api.amazon.com/auth/o2/token', body.to_json, {"Content-Type" => "application/json"});
end
This response will contain a refresh token that you can use to make API calls on behalf of the customer.
to https://github.com/patterninc/muffin_man as the basis for sp_api_client.rb