Vendor Management REST API Reference v1

Use the Vendor Management REST API to get information about a vendor.

API endpoint

The endpoint of the Vendor Management API is


Each API request must have an authorization header whose value is the access token retrieved from Login with Amazon (LWA). For details, see Get an Access Token for SMAPI.


The Vendor Management API includes the following operations.

Operation HTTP method and URI

Get vendor list

GET /v1/vendors

Get vendor list

Get the list of vendor information associated with the access token.


To get the vendor list, you make a GET request to the vendors resource.

Request path and header example

Copied to clipboard.

GET /v1/vendors
Content-Type: application/json
Authorization: Bearer {access token}

Request path and header parameters

Parameter Located in Description Type Required

access token


LWA token.



Request body example

The request has no body.

Request body properties

The request has no body.


A successful response returns HTTP 200 OK, along with the vendor information. On error, the response returns the appropriate HTTP status code and includes a response body with an error code and human readable message.

Response body example

The following example shows a response.

    "vendors": [{
            "id": "",
            "name": "",
            "roles": [
            "id": "",
            "name": "",
            "roles": [

Response body properties

Property Description Type


List of vendors associated with the account.

Array of objects

Name of the vendor.


Unique identifier of vendor.



Roles assigned to the account owner.

Array of string

HTTP status codes

Status Description

200 OK

Response body contains the vendor information.

400 Bad Request

Indicates that one or more properties in the request body aren't valid.
The following example shows the response body with the error code and message.

     "message": "The property is outside the allowed range.",

401 Unauthorized

Request didn't include the authorization token, or the included token expired or isn't valid. Or, you don't have access to the resource.

403 Forbidden

Indicates that the authorization token is valid, but the requested operation isn't allowed.

404 Not Found

Requested resource not found.

429 Too Many Requests

Permitted rate limit, specified as number of requests per unit of time, exceeded. Retry the request by using exponential back-off.

500 Server Error

Error occurred on the server. Retry the request by using exponential back-off.

503 Service Unavailable

Server is down for maintenance, overloaded, or otherwise unavailable to handle the incoming request.

Was this page helpful?

Last updated: May 11, 2023