Accepting Merchant Credentials
Upon successful completion of the simplified registration workflow, the merchant will be redirected to the returnURL specified, along with the values from the fields listed below.
The following 3 values are used when making calls to process payments on a merchant’s behalf:
- merchantId – This is the Amazon ID associated with the merchant.
-
MWSAuthToken – This is a unique shared secret token that is passed via an additional
parameter in API calls to increase security and to enable making calls on behalf of the
merchant with the SP keys.
Note: The MWSAuthToken must be encrypted before storing it on disk. - lwaClientId – This is the OAuth ID associated with the Login with Amazon integration. It is needed when rendering the Login or Pay button.
The following value is optional and will only be passed back if a value is provided at the beginning of registration:
- merchantUniqueId – This is the unique ID specified when the registration workflow was initiated. This ID can be used to determine which merchant account the registration corresponds to.
The following sample shows a return URL (using a POST):
https://ecommerceprovider.com/services/amazon?
POST / HTTP/1.
Host: payments.amazon.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 174
merchantId=AXXXXXXXXXXXX&MWSAuthToken=amzn.mws.xxxxxxxx-xxxx-xxxxxxxx-
xxxx&lwaClientId=amzn1.application-oa2-
client.xxxxxxxxxxxxx&merchantUniqueId=uniqueId