Authenticate to Amazon AMS API using PHP POST

Question

I took this code from elsewhere on SO. It works just as advertised. However, I'm trying to do the same thing with POST instead of GET which is apparently what AMS recommends and is how this particular call is placed on the AMS Scratchpad.

The code that does work with GET

<?php
$param = array();
$param['AWSAccessKeyId']   = 'YourAccessKeyID'; 
$param['Action']           = 'GetLowestOfferListingsForASIN'; 
$param['SellerId']         = 'YourSellerID'; 
$param['SignatureMethod']  = 'HmacSHA256';  
$param['SignatureVersion'] = '2'; 
$param['Timestamp']        = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version']          = '2011-10-01'; 
$param['MarketplaceId']    = 'YourMarketplaceID'; 
$param['ItemCondition']    = 'new';
$param['ASINList.ASIN.1']  = 'B00C5XBAOA';
$secret = 'YourSecretKey';

$url = array();
foreach ($param as $key => $val) {

    $key = str_replace("%7E", "~", rawurlencode($key));
    $val = str_replace("%7E", "~", rawurlencode($val));
    $url[] = "{$key}={$val}";
}

sort($url);

$arr   = implode('&', $url);

$sign  = 'GET' . "\n";
$sign .= 'mws.amazonservices.com' . "\n";
$sign .= '/Products/2011-10-01' . "\n";
$sign .= $arr;

$signature = hash_hmac("sha256", $sign, $secret, true);
$signature = urlencode(base64_encode($signature));

$link  = "https://mws.amazonservices.com/Products/2011-10-01?";
$link .= $arr . "&Signature=" . $signature;
echo($link); //for debugging - you can paste this into a browser and see if it loads.

$ch = curl_init($link);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-type: application/xml'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
$response = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);

echo('<p>' . $response . '</p>');
print_r('<p>' . $info . '</p>');
?>

The code that does not work with POST

<?php
$post = '';
$param = array();
$param['AWSAccessKeyId']   = 'YourAccessKeyID'; 
$param['Action']           = 'GetLowestOfferListingsForASIN'; 
$param['SellerId']         = 'YourSellerID'; 
$param['SignatureMethod']  = 'HmacSHA256';  
$param['SignatureVersion'] = '2'; 
$param['Timestamp']        = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version']          = '2011-10-01'; 
$param['MarketplaceId']    = 'YourMarketplaceID'; 
$param['ItemCondition']    = 'new';
$param['ASINList.ASIN.1']  = 'B00C5XBAOA';
$secret = 'YourSecretKey';

$url = array();
foreach ($param as $key => $val) {

    $key = str_replace("%7E", "~", rawurlencode($key));
    $val = str_replace("%7E", "~", rawurlencode($val));
    $url[] = "{$key}={$val}";
}

sort($url);

$arr   = implode('&', $url);

$sign  = 'POST' . "\n";
$sign .= 'mws.amazonservices.com' . "\n";
$sign .= '/Products/2011-10-01' . "\n";
$sign .= $arr;

$signature = hash_hmac("sha256", $sign, $secret, true);
$signature = urlencode(base64_encode($signature));
$post .= $arr . "&Signature=" . $signature;
echo $post;

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://mws.amazonservices.com/Products/2011-10-01");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, '$post');
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-type: application/xml'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
$response = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
$response = simplexml_load_string($response);
print_r($response);
//print_r($info);

?>

I get the following response:

(
    [Error] => SimpleXMLElement Object
        (
            [Type] => Sender
            [Code] => InvalidParameterValue
            [Message] => Either Action or Operation query parameter must be present.
        )

    [RequestID] => b6d5ee02-6ace-4482-92b7-xxxxxxxxxx
)

I believe I'm doing something wrong with the signature authentication. Any help would be appreciated.

Hi, Are you working on api for Amazon marketing services(AMS) ? I need some guidance in getting campaigns and other data via apis for AMS.Please look at below link: https://stackoverflow.com/questions/45493037/how-to-get-amazon-marketing-services-ams-sponsored-campaign-programmatically Thanks in advance. — Jimmy, Aug 04 '17 at 09:09

score 0 · Answer 1 · answered Nov 08 '15 at 11:04

I fix the POST script.

You must delete CURLOPT_HTTPHEADER in curl options and delete que single quote on $post on CURLOPT_POSTFIELDS.

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://mws.amazonservices.es/Products/2011-10-01");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
$response = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);

header("Content-Type: text/xml;charset=UTF-8");
echo($response);

Salut, Josep M

Hi, Are you working on api for Amazon marketing services(AMS) ? I need some guidance in getting campaigns and other data via apis for AMS.Please look at below link:https://stackoverflow.com/questions/45493037/how-to-get-amazon-marketing-services-ams-sponsored-campaign-programmatically Thanks in advance. — Jimmy, Aug 17 '17 at 06:29

Authenticate to Amazon AMS API using PHP POST

1 Answers1