Skip to content

Amazon Endpoints

Base path: /api/v1/multi + router prefix /amazon → full base: /api/v1/multi/amazon

Summary: Credential management and credential verification endpoints used by multi-repricer flows. These endpoints store and validate SP-API credentials and toggle which credentials are active for background jobs.

Auth: All endpoints require a valid Bearer JWT (see global authentication middleware). Tests can be run against temporary credentials without storing them (the /test route).

Rate limiting: Subject to service rate limiter (250 requests / 60s).


Models

  • AmazonCredentialCreate — request payload when creating credentials (fields: display_name, client_id, client_secret, refresh_token, authorized, active, active_omni, active_multi). See backend/service_multi-repricer/app/models/amazon_credentials.py.
  • AmazonCredentialResponse — stored credential response with id, created_at, updated_at, and optional token, expires_at.

Endpoints

  • GET / — List saved Amazon credentials
  • Path: GET /api/v1/multi/amazon/
  • Query params: skip (int, default 0), limit (int, default 100)
  • Response: 200List[AmazonCredentialResponse]
  • Notes: uses DB dependency get_db.

  • POST / — Create new Amazon credentials

  • Path: POST /api/v1/multi/amazon/
  • Body: AmazonCredentialCreate (JSON)
  • Response: 201/200AmazonCredentialResponse (created record)
  • Side effects: stored in DB, authorized flag defaults to False until validated.

  • PUT /{id} — Update existing credential

  • Path: PUT /api/v1/multi/amazon/{id}
  • Body: AmazonCredentialUpdate (JSON)
  • Response: 200 — updated AmazonCredentialResponse
  • Errors: 404 if credential id not found.

  • DELETE /{id} — Remove credential

  • Path: DELETE /api/v1/multi/amazon/{id}
  • Response: 200 — the deleted AmazonCredentialResponse
  • Errors: 404 if credential id not found.

  • GET /{id} — Get credential by id

  • Path: GET /api/v1/multi/amazon/{id}
  • Response: 200AmazonCredentialResponse
  • Errors: 404 if credential id not found.

  • POST /{id}/toggle-active — Toggle active flag on credential

  • Path: POST /api/v1/multi/amazon/{id}/toggle-active
  • Response: 200 — updated AmazonCredentialResponse
  • Notes: toggles DB value used by background jobs.

  • POST /test — Validate temporary credentials (not stored)

  • Path: POST /api/v1/multi/amazon/test
  • Body: AmazonCredentialCreate (JSON)
  • Response: 200{ "valid": true|false }
  • Notes: constructs a credentials dict and calls services.amazon.spapi_client.verify_credentials(...) with Marketplaces.DE.

  • POST /{id}/test — Validate saved credentials by id (and update authorized if changed)

  • Path: POST /api/v1/multi/amazon/{id}/test
  • Response: 200{ "valid": true|false }
  • Side effects: updates DB authorized flag if verification result differs from stored value.

Example: Test temporary credentials

Request:

curl -X POST "http://localhost:8000/api/v1/multi/amazon/test" \
    -H "Authorization: Bearer <TOKEN>" \
    -H "Content-Type: application/json" \
    -d '{
        "display_name": "My SP-API",
        "client_id": "amzn.lwa.xxxxx",
        "client_secret": "xxxxxxxx",
        "refresh_token": "Atzr|IwEBI..."
    }'

Response:

{ "valid": true }

Implementation notes

  • The endpoints use the amazon_credentials CRUD helper (crud.amazon_credentials) to persist credentials in the DB.
  • Verification uses services.amazon.spapi_client.verify_credentials(credentials_dict, marketplace=Marketplaces.DE). See service docs for spapi_client specifics and rate-limiting behavior.
  • Credential objects include flags active_multi / active_omni / active to support different services — toggling is provided via endpoints and read by background cron jobs.


Generated: detailed reference for amazon endpoints in service_multi-repricer.