Ringkasan
Amazon Selling Partner API (SP-API) adalah API berbasis REST yang memungkinkan akses terprogram ke data penjual untuk pesanan, inventaris, daftar produk, dan pemenuhan. API ini menggunakan otentikasi OAuth 2.0 dengan peran IAM, memerlukan penandatanganan AWS SigV4, dan menerapkan batas kecepatan yang bervariasi per endpoint (0.1 hingga 100 permintaan per detik). Panduan ini mencakup pengaturan akun, otentikasi, endpoint inti, langganan webhook, dan strategi penerapan produksi.
Pendahuluan
Amazon memproses lebih dari 350 juta produk di 200+ marketplace di seluruh dunia. Bagi pengembang yang membangun alat e-commerce, sistem manajemen inventaris, atau platform analitik, integrasi Amazon SP-API adalah kebutuhan utama.
Fakta di lapangan: penjual Amazon menghabiskan 20-30 jam/minggu untuk entri data manual terkait pesanan, inventaris, dan produk. Integrasi SP-API yang solid mengotomatiskan sinkronisasi pesanan, pembaruan inventaris, dan manajemen daftar produk di berbagai marketplace.
Panduan ini membahas langkah demi langkah integrasi Amazon SP-API: pengaturan peran IAM, otorisasi OAuth 2.0, penandatanganan AWS SigV4, manajemen pesanan dan inventaris, langganan notifikasi, dan troubleshooting. Hasil akhirnya, Anda siap menjalankan integrasi Amazon production-ready.
💡 Tip: Apidog memudahkan pengujian integrasi API: uji endpoint SP-API, validasi alur OAuth, cek signature request, dan debug authentication—all in one workspace. Impor spesifikasi API, simulasi respons, dan kolaborasi pengujian dengan tim.
Apa Itu Amazon SP-API?
Amazon Selling Partner API (SP-API) adalah API REST yang menyediakan akses ke Seller Central. SP-API menggantikan MWS lama dengan keamanan, performa, dan fitur lebih baik.
Kemampuan Utama
SP-API mendukung:
- Pengambilan dan update status pesanan
- Manajemen inventaris multi-marketplace
- CRUD daftar produk
- Manajemen pengiriman FBA
- Harga produk & analisis kompetitif
- Laporan & analitik
- Konten A+ dan data periklanan
Perbandingan SP-API vs MWS
| Fitur | SP-API | MWS (Lama) |
|---|---|---|
| Arsitektur | RESTful JSON | XML |
| Otentikasi | OAuth 2.0 + IAM | Token MWS |
| Keamanan | AWS SigV4 | Token sederhana |
| Batas Kecepatan | Dinamis per endpoint | Kuota tetap |
| Marketplace | Endpoint terpadu | Per wilayah |
| Status | Aktif | EOL (Des 2025) |
Migrasi: Upgrade MWS ke SP-API sebelum Desember 2025.
Arsitektur API
Amazon SP-API memakai endpoint regional dengan otorisasi terpusat:
https://sellingpartnerapi-na.amazon.com (Amerika Utara)
https://sellingpartnerapi-eu.amazon.com (Eropa)
https://sellingpartnerapi-fe.amazon.com (Asia-Pasifik)
Setiap request wajib:
- Signature AWS SigV4
- Token akses OAuth
- Izin peran IAM
- ID permintaan (untuk trace)
Marketplace yang Didukung
| Wilayah | Marketplace | Endpoint API |
|---|---|---|
| Amerika Utara | AS, CA, MX | sellingpartnerapi-na.amazon.com |
| Eropa | UK, DE, FR, IT, ES, NL, SE, PL, TR, EG, IN, AE, SA | sellingpartnerapi-eu.amazon.com |
| Asia-Pasifik | JP, AU, SG, BR | sellingpartnerapi-fe.amazon.com |
Memulai: Pengaturan Akun dan IAM
1. Daftar Akun Pengembang Amazon
- Kunjungi Amazon Developer Central
- Login dengan akun Seller Central
- Buka Selling Partner API di dashboard
- Setujui Perjanjian Pengembang
2. Daftarkan Aplikasi Anda
- Login ke Seller Central
- Menu: Aplikasi & Layanan → Kembangkan Aplikasi
- Klik Tambah Aplikasi Baru
- Isi:
- Nama Aplikasi (deskriptif)
- Jenis: Sendiri/pihak ketiga
- Kasus Penggunaan (jelaskan tujuan)
- URI Pengalihan: URL HTTPS callback OAuth
Setelah submit Anda akan mendapatkan:
- ID Aplikasi
- ID Klien
- Rahasia Klien
Tips security: simpan semua credential di environment variable, JANGAN hardcode!
# .env
AMAZON_APPLICATION_ID="amzn1.application.xxxxx"
AMAZON_CLIENT_ID="amzn1.account.xxxxx"
AMAZON_CLIENT_SECRET="your_client_secret_here"
AMAZON_SELLER_ID="your_seller_id_here"
AWS_ACCESS_KEY_ID="your_aws_access_key"
AWS_SECRET_ACCESS_KEY="your_aws_secret_key"
AWS_REGION="us-east-1"
3. Buat Peran IAM untuk SP-API
- Masuk ke AWS IAM Console
- Menu: Peran → Buat Peran
- Pilih Akun AWS Lain sebagai trusted entity
- Masukkan ID akun Amazon regional:
- Amerika Utara:
906394416454 - Eropa:
336853085554 - Asia-Pasifik:
774466381866
- Amerika Utara:
4. Lampirkan Kebijakan IAM
Lampirkan kebijakan berikut pada role:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"execute-api:Invoke"
],
"Resource": [
"arn:aws:execute-api:*:*:*/prod/*/sellingpartnerapi/*"
]
}
]
}
Beri nama deskriptif, simpan ARN peran.
5. Tautkan Peran IAM ke Aplikasi
- Seller Central → Kembangkan Aplikasi
- Pilih aplikasi Anda
- Edit → ARN Peran IAM
- Masukkan ARN peran IAM
- Simpan, tunggu status “Tertaut”
Alur Otentikasi OAuth 2.0
Skema OAuth SP-API
- Penjual klik "Otorisasi"
- Dialihkan ke URL OAuth Amazon
- Penjual login & memberi izin
- Redirect ke aplikasi dengan kode otorisasi
- Tukar kode untuk token LWA (Login with Amazon)
- Tukar token LWA untuk akses SP-API
- Gunakan token akses untuk request (wajib SigV4)
- Refresh token otomatis sebelum expiry (1 jam)
6. Generate URL Otorisasi
const generateAuthUrl = (clientId, redirectUri, state) => {
const baseUrl = 'https://www.amazon.com/sp/apps/oauth/authorize';
const params = new URLSearchParams({
application_id: process.env.AMAZON_APPLICATION_ID,
client_id: clientId,
redirect_uri: redirectUri,
state: state,
scope: 'sellingpartnerapi::notifications'
});
return `${baseUrl}?${params.toString()}`;
};
// Penggunaan
const authUrl = generateAuthUrl(
process.env.AMAZON_CLIENT_ID,
'https://your-app.com/callback',
crypto.randomBytes(16).toString('hex')
);
console.log(`Redirect user to: ${authUrl}`);
7. Tukar Kode untuk Token LWA
const exchangeCodeForLwaToken = async (code, redirectUri) => {
const response = await fetch('https://api.amazon.com/auth/o2/token', {
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/x-www-form-urlencoded'
},
body: new URLSearchParams({
grant_type: 'authorization_code',
client_id: process.env.AMAZON_CLIENT_ID,
client_secret: process.env.AMAZON_CLIENT_SECRET,
redirect_uri: redirectUri,
code: code
})
});
if (!response.ok) {
const error = await response.json();
throw new Error(`LWA Token Error: ${error.error_description}`);
}
const data = await response.json();
return {
access_token: data.access_token,
refresh_token: data.refresh_token,
expires_in: data.expires_in,
token_type: data.token_type
};
};
// Route callback
app.get('/callback', async (req, res) => {
const { spapi_oauth_code, state } = req.query;
if (state !== req.session.oauthState) {
return res.status(400).send('Invalid state parameter');
}
try {
const tokens = await exchangeCodeForLwaToken(spapi_oauth_code, 'https://your-app.com/callback');
await db.sellers.update(req.session.sellerId, {
amazon_lwa_access_token: tokens.access_token,
amazon_lwa_refresh_token: tokens.refresh_token,
amazon_token_expires: Date.now() + (tokens.expires_in * 1000)
});
res.redirect('/dashboard');
} catch (error) {
console.error('Token exchange failed:', error);
res.status(500).send('Authentication failed');
}
});
8. Refresh Token Otomatis
const refreshLwaToken = async (refreshToken) => {
const response = await fetch('https://api.amazon.com/auth/o2/token', {
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/x-www-form-urlencoded'
},
body: new URLSearchParams({
grant_type: 'refresh_token',
client_id: process.env.AMAZON_CLIENT_ID,
client_secret: process.env.AMAZON_CLIENT_SECRET,
refresh_token: refreshToken
})
});
const data = await response.json();
return {
access_token: data.access_token,
refresh_token: data.refresh_token,
expires_in: data.expires_in
};
};
const ensureValidToken = async (sellerId) => {
const seller = await db.sellers.findById(sellerId);
if (seller.amazon_token_expires < Date.now() + 300000) {
const newTokens = await refreshLwaToken(seller.amazon_lwa_refresh_token);
await db.sellers.update(sellerId, {
amazon_lwa_access_token: newTokens.access_token,
amazon_lwa_refresh_token: newTokens.refresh_token,
amazon_token_expires: Date.now() + (newTokens.expires_in * 1000)
});
return newTokens.access_token;
}
return seller.amazon_lwa_access_token;
};
Penandatanganan Permintaan AWS SigV4
Cara Kerja SigV4
Semua request SP-API WAJIB memakai AWS Signature Version 4.
Penandatanganan Manual (Node.js)
const crypto = require('crypto');
class SigV4Signer {
constructor(accessKey, secretKey, region, service = 'execute-api') {
this.accessKey = accessKey;
this.secretKey = secretKey;
this.region = region;
this.service = service;
}
sign(method, url, body = '', headers = {}) {
const parsedUrl = new URL(url);
const now = new Date();
const amzDate = now.toISOString().replace(/[:-]|\.\d{3}/g, '');
const dateStamp = amzDate.slice(0, 8);
headers['host'] = parsedUrl.host;
headers['x-amz-date'] = amzDate;
headers['x-amz-access-token'] = this.accessToken;
headers['content-type'] = 'application/json';
const canonicalHeaders = Object.entries(headers)
.sort(([a], [b]) => a.localeCompare(b))
.map(([k, v]) => `${k.toLowerCase()}:${v.trim()}`)
.join('\n');
const signedHeaders = Object.keys(headers)
.sort()
.map(k => k.toLowerCase())
.join(';');
const payloadHash = crypto.createHash('sha256').update(body).digest('hex');
const canonicalRequest = [
method.toUpperCase(),
parsedUrl.pathname,
parsedUrl.search.slice(1),
canonicalHeaders,
'',
signedHeaders,
payloadHash
].join('\n');
const algorithm = 'AWS4-HMAC-SHA256';
const credentialScope = `${dateStamp}/${this.region}/${this.service}/aws4_request`;
const stringToSign = [
algorithm,
amzDate,
credentialScope,
crypto.createHash('sha256').update(canonicalRequest).digest('hex')
].join('\n');
const kDate = this.hmac(`AWS4${this.secretKey}`, dateStamp);
const kRegion = this.hmac(kDate, this.region);
const kService = this.hmac(kRegion, this.service);
const kSigning = this.hmac(kService, 'aws4_request');
const signature = this.hmac(kSigning, stringToSign, 'hex');
const authorization = `${algorithm} Credential=${this.accessKey}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;
return {
headers: {
...headers,
'Authorization': authorization
},
canonicalRequest,
stringToSign,
signature
};
}
hmac(key, data, encoding = 'buffer') {
return crypto.createHmac('sha256', key).update(data).digest(encoding);
}
}
// Penggunaan
const signer = new SigV4Signer(
process.env.AWS_ACCESS_KEY_ID,
process.env.AWS_SECRET_ACCESS_KEY,
'us-east-1'
);
const signedRequest = signer.sign('GET', 'https://sellingpartnerapi-na.amazon.com/orders/v0/orders', '', {
'x-amz-access-token': accessToken
});
Menggunakan AWS SDK
const { SignatureV4 } = require('@aws-sdk/signature-v4');
const { Sha256 } = require('@aws-crypto/sha256-js');
const signer = new SignatureV4({
credentials: {
accessKeyId: process.env.AWS_ACCESS_KEY_ID,
secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
},
region: 'us-east-1',
service: 'execute-api',
sha256: Sha256
});
const makeSpApiRequest = async (method, endpoint, accessToken, body = null) => {
const url = new URL(endpoint);
const headers = {
'host': url.host,
'content-type': 'application/json',
'x-amz-access-token': accessToken,
'x-amz-date': new Date().toISOString().replace(/[:-]|\.\d{3}/g, '')
};
const signedRequest = await signer.sign({
method,
hostname: url.hostname,
path: url.pathname,
query: Object.fromEntries(url.searchParams),
headers,
body: body ? JSON.stringify(body) : undefined
});
const response = await fetch(endpoint, {
method,
headers: signedRequest.headers,
body: signedRequest.body
});
if (!response.ok) {
const error = await response.json();
throw new Error(`SP-API Error: ${error.errors?.[0]?.message || response.statusText}`);
}
return response.json();
};
API Pesanan
Mengambil Pesanan
const getOrders = async (accessToken, options = {}) => {
const params = new URLSearchParams({
createdAfter: options.createdAfter,
createdBefore: options.createdBefore,
orderStatuses: options.orderStatuses?.join(',') || '',
marketplaceIds: options.marketplaceIds?.join(',') || ['ATVPDKIKX0DER'],
maxResultsPerPage: options.maxResultsPerPage || 100
});
for (const [key, value] of params.entries()) {
if (!value) params.delete(key);
}
const endpoint = `https://sellingpartnerapi-na.amazon.com/orders/v0/orders?${params.toString()}`;
return makeSpApiRequest('GET', endpoint, accessToken);
};
// Contoh penggunaan
const orders = await getOrders(accessToken, {
createdAfter: new Date(Date.now() - 24 * 60 * 60 * 1000).toISOString(),
orderStatuses: ['Unshipped', 'PartiallyShipped'],
marketplaceIds: ['ATVPDKIKX0DER']
});
Mendapatkan Item Pesanan
const getOrderItems = async (accessToken, orderId) => {
const endpoint = `https://sellingpartnerapi-na.amazon.com/orders/v0/orders/${orderId}/orderItems`;
return makeSpApiRequest('GET', endpoint, accessToken);
};
// Usage
const orderItems = await getOrderItems(accessToken, '112-1234567-1234567');
Update Status Pengiriman
const confirmShipment = async (accessToken, orderId, shipmentData) => {
const endpoint = `https://sellingpartnerapi-na.amazon.com/orders/v0/orders/${orderId}/shipmentConfirmation`;
const payload = {
packageDetails: {
packageReferenceId: shipmentData.packageReferenceId || '1',
carrier_code: shipmentData.carrierCode,
tracking_number: shipmentData.trackingNumber,
ship_date: shipmentData.shipDate || new Date().toISOString(),
items: shipmentData.items.map(item => ({
order_item_id: item.orderItemId,
quantity: item.quantity
}))
}
};
return makeSpApiRequest('POST', endpoint, accessToken, payload);
};
// Usage
await confirmShipment(accessToken, '112-1234567-1234567', {
carrierCode: 'USPS',
trackingNumber: '9400111899223456789012',
items: [
{ orderItemId: '12345678901234', quantity: 2 }
]
});
API Inventaris
Mendapatkan Ringkasan Inventaris
const getInventorySummaries = async (accessToken, options = {}) => {
const params = new URLSearchParams({
granularityType: options.granularityType || 'Marketplace',
granularityId: options.granularityId || 'ATVPDKIKX0DER',
startDateTime: options.startDateTime || '',
sellerSkus: options.sellerSkus?.join(',') || ''
});
const endpoint = `https://sellingpartnerapi-na.amazon.com/fba/inventory/v1/summaries?${params.toString()}`;
return makeSpApiRequest('GET', endpoint, accessToken);
};
// Usage
const inventory = await getInventorySummaries(accessToken, {
granularityId: 'ATVPDKIKX0DER',
sellerSkus: ['MYSKU-001', 'MYSKU-002']
});
API Daftar Produk
Mendapatkan Daftar Produk
const getListings = async (accessToken, options = {}) => {
const params = new URLSearchParams({
marketplaceIds: options.marketplaceIds?.join(',') || ['ATVPDKIKX0DER'],
itemTypes: options.itemTypes?.join(',') || ['ASIN', 'SKU'],
identifiers: options.identifiers?.join(',') || '',
issuesLocale: options.locale || 'en_US'
});
const endpoint = `https://sellingpartnerapi-na.amazon.com/listings/2021-08-01/items?${params.toString()}`;
return makeSpApiRequest('GET', endpoint, accessToken);
};
// Usage
const listings = await getListings(accessToken, {
identifiers: ['B08N5WRWNW', 'B09JQKJXYZ'],
itemTypes: ['ASIN']
});
Membuat/Memperbarui Daftar Produk
const submitListingUpdate = async (accessToken, listingData) => {
const endpoint = 'https://sellingpartnerapi-na.amazon.com/listings/2021-08-01/items/MYSKU-001';
const payload = {
productType: 'LUGGAGE',
patches: [
{
op: 'replace',
path: '/attributes/title',
value: 'Updated Wireless Bluetooth Headphones - Premium Sound'
},
{
op: 'replace',
path: '/salesPrice',
value: {
currencyCode: 'USD',
amount: '79.99'
}
}
]
};
return makeSpApiRequest('PATCH', endpoint, accessToken, payload);
};
API Laporan
Pembuatan & Pengambilan Laporan
const createReport = async (accessToken, reportType, dateRange) => {
const endpoint = 'https://sellingpartnerapi-na.amazon.com/reports/2021-06-30/reports';
const payload = {
reportType: reportType,
marketplaceIds: dateRange.marketplaceIds || ['ATVPDKIKX0DER'],
dataStartTime: dateRange.startTime?.toISOString(),
dataEndTime: dateRange.endTime?.toISOString()
};
return makeSpApiRequest('POST', endpoint, accessToken, payload);
};
const getReportDocument = async (accessToken, reportId) => {
const endpoint = `https://sellingpartnerapi-na.amazon.com/reports/2021-06-30/reports/${reportId}/document`;
return makeSpApiRequest('GET', endpoint, accessToken);
};
API Notifikasi
Membuat Langganan Notifikasi (SNS)
const createSubscription = async (accessToken, subscriptionData) => {
const endpoint = 'https://sellingpartnerapi-na.amazon.com/notifications/v1/subscriptions';
const payload = {
payload: {
destination: {
resource: subscriptionData.destinationArn,
name: subscriptionData.name
},
modelVersion: '1.0',
eventFilter: {
eventCode: subscriptionData.eventCode,
marketplaceIds: subscriptionData.marketplaceIds
}
}
};
return makeSpApiRequest('POST', endpoint, accessToken, payload);
};
// Usage
await createSubscription(accessToken, {
destinationArn: 'arn:aws:sns:us-east-1:123456789012:sp-api-notifications',
name: 'OrderStatusNotifications',
eventCode: 'OrderStatusChange',
marketplaceIds: ['ATVPDKIKX0DER']
});
Batas Kecepatan & Antrian Permintaan
SP-API punya batas kecepatan berbeda per endpoint. Contoh:
| Endpoint | Limit/detik | Burst |
|---|---|---|
| Pesanan | 10 | 20 |
| Item Pesanan | 5 | 10 |
| Inventaris | 2 | 5 |
Gunakan backoff eksponensial dan antrian permintaan:
class RateLimitedQueue {
constructor(rateLimit, burstLimit = null) {
this.rateLimit = rateLimit;
this.burstLimit = burstLimit || rateLimit * 2;
this.tokens = this.burstLimit;
this.lastRefill = Date.now();
this.queue = [];
this.processing = false;
}
async add(requestFn) {
return new Promise((resolve, reject) => {
this.queue.push({ requestFn, resolve, reject });
this.process();
});
}
refillTokens() {
const now = Date.now();
const elapsed = (now - this.lastRefill) / 1000;
const tokensToAdd = elapsed * this.rateLimit;
this.tokens = Math.min(this.burstLimit, this.tokens + tokensToAdd);
this.lastRefill = now;
}
async process() {
if (this.processing || this.queue.length === 0) return;
this.processing = true;
while (this.queue.length > 0) {
this.refillTokens();
if (this.tokens < 1) {
const waitTime = (1 / this.rateLimit) * 1000;
await new Promise(r => setTimeout(r, waitTime));
continue;
}
this.tokens--;
const { requestFn, resolve, reject } = this.queue.shift();
try {
const result = await requestFn();
resolve(result);
} catch (error) {
reject(error);
}
}
this.processing = false;
}
}
// Usage
const ordersQueue = new RateLimitedQueue(10, 20);
const orders = await ordersQueue.add(() => getOrders(accessToken, options));
Praktik Terbaik Keamanan
- Simpan credential di environment variable atau secret manager, JANGAN hardcode.
- Enkripsi token saat rest dan saat transit (gunakan TLS/HTTPS).
- Audit akses & refresh token secara otomatis.
- Batasi permission IAM per endpoint (hindari wildcard).
- Validasi timestamp SigV4, rotasi credential secara berkala.
Menguji Integrasi SP-API dengan Apidog
Setup Apidog untuk SP-API
- Impor spesifikasi OpenAPI SP-API dari repo Amazon
- Buat proyek di Apidog
- Atur variabel environment (Base URL, LWA token, AWS key/secret, region)
- Tambahkan script pra-permintaan untuk signature SigV4 (lihat dokumentasi)
Contoh pra-permintaan:
// Apidog pre-request script for SigV4 signing
const crypto = require('crypto');
const accessKey = apidog.variables.get('aws_access_key');
const secretKey = apidog.variables.get('aws_secret_key');
const accessToken = apidog.variables.get('lwa_access_token');
const region = apidog.variables.get('region');
const method = apidog.request.method;
const url = new URL(apidog.request.url);
const body = apidog.request.body;
// Generate SigV4 signature
const signer = new SigV4Signer(accessKey, secretKey, region);
const signedHeaders = signer.sign(method, url.href, body, {
'x-amz-access-token': accessToken
});
// Set headers for the request
apidog.request.headers = {
...apidog.request.headers,
...signedHeaders.headers
};
Bangun skenario pengujian (get orders, cek OAuth, cek error handling, dsb).
Referensi ID Marketplace
| Negara | ID Marketplace |
|---|---|
| Amerika Serikat | ATVPDKIKX0DER |
| Kanada | A2EUQ1WTGCTBG2 |
| Meksiko | A1AM78C64UM0Y8 |
| Britania Raya | A1F83G8C2ARO7P |
| Jerman | A1PA6795UKMFR9 |
| Prancis | A13V1IB3VIYZZH |
| Italia | APJ6JRA9NG5V4 |
| Spanyol | A1RKKUPIHCS9HS |
| Jepang | A1VC38T7YXB528 |
| Australia | A39IBJ37TRP1C6 |
| India | A21TJRUUN4KGV |
| Brasil | A2Q3Y263D00KWC |
Pemecahan Masalah Umum
403 Unauthorized
- Cek credential AWS/IAM & keterkaitan role
- Pastikan token OAuth valid
- Pastikan signature SigV4 valid & region benar
- Header
x-amz-access-tokenwajib
429 Rate Limit
- Implementasikan antrian permintaan & backoff
- Cek header
x-amzn-RateLimit-Limit - Untuk volume tinggi, minta kenaikan limit di Seller Central
404 Not Found
- Pastikan endpoint & marketplace ID benar
- Pastikan resource (order, product) eksis
- Cek versi API di path
400 Bad Request
- ISO date format wajib
- Parameter wajib harus ada
- JSON harus valid
Daftar Periksa Produksi
- [ ] Daftar aplikasi di Seller Central produksi
- [ ] IAM role produksi dengan least privilege
- [ ] Update semua URI redirect ke production
- [ ] Simpan token di storage terenkripsi
- [ ] Implementasi refresh token otomatis
- [ ] Atur rate limit & request queue
- [ ] Konfigurasi SNS untuk notifikasi
- [ ] Implement error handling & logging (dengan request ID)
- [ ] Monitoring limit rate & alert
- [ ] Runbook untuk masalah umum
- [ ] Uji dengan multiple marketplace ID
- [ ] Dokumentasikan alur OAuth untuk onboarding penjual
- [ ] Implement retry logic dengan backoff eksponensial
- [ ] Notifikasi kegagalan autentikasi
Kasus Penggunaan Nyata
Sinkronisasi Inventaris Multi-Marketplace:
- Sistem inventaris pusat + webhook SP-API + queue → real-time update 12 marketplace, 0 oversell.
Pemenuhan Pesanan Otomatis:
- Webhook OrderStatusChange → data order langsung ke WMS → tracking update ke Amazon → pelanggan dapat notifikasi otomatis.
Dasbor Analitik Penjual:
- OAuth multi-seller → agregasi data pesanan, inventaris, iklan → dasbor real-time lintas marketplace.
Kesimpulan
- SP-API = kontrol penuh Seller Central, lebih aman, lebih scalable.
- Kunci sukses: kelola OAuth/IAM, refresh token otomatis, signature SigV4, rate limit, notifikasi SNS.
- Apidog sangat berguna untuk pengujian, debugging, dan kolaborasi tim SP-API.
Bagian FAQ
Apa itu Amazon SP-API?
Amazon Selling Partner API (SP-API) adalah API REST untuk akses data Seller Central (pesanan, inventaris, daftar produk, laporan) dengan keamanan OAuth 2.0 dan AWS SigV4.
Bagaimana cara mendapatkan kredensial Amazon SP-API?
Daftarkan aplikasi di Seller Central > Kembangkan Aplikasi. Dapatkan ID Klien, Rahasia Klien, ID Aplikasi. Buat peran IAM di AWS dan tautkan ke aplikasi Anda.
Apakah Amazon SP-API gratis untuk digunakan?
Ya, untuk seller Amazon terdaftar. Ada rate-limit per endpoint; limit besar butuh approval khusus.
Otentikasi apa yang digunakan SP-API?
OAuth 2.0 + AWS IAM Role. Semua request wajib signature AWS SigV4 dengan credential sementara.
Bagaimana cara menangani batas kecepatan SP-API?
Implement queue per endpoint, pantau header x-amzn-RateLimit-Limit, retry dengan backoff eksponensial saat 429.
Bisakah saya menguji SP-API tanpa akun penjual aktif?
Bisa, gunakan sandbox environment. Tapi endpoint terbatas.
Bagaimana cara kerja webhook dengan SP-API?
Register SNS subscription untuk event tertentu (order, inventory, dll.), endpoint HTTPS menerima notifikasi.
Apa yang terjadi ketika token OAuth kedaluwarsa?
Token akses LWA berlaku 1 jam. Refresh otomatis via refresh_token.
Bagaimana cara migrasi dari MWS ke SP-API?
Update otentikasi (OAuth 2.0), signature (SigV4), endpoint URL, parsing XML → JSON.
Mengapa saya mendapatkan kesalahan 403 Tidak Sah?
Token OAuth kadaluarsa, IAM role salah, signature SigV4 tidak valid, header x-amz-access-token hilang, role IAM belum tertaut.
Top comments (0)