New delegation use case added to Tokens API

[jenilew]

Hi All,

As of September 13th, 2021, we've added the ability to delegate authorization to trusted applications to enable them to access Personally Identifiable Information (PII) via the Tokens API.

You can now delegate authorization to call restricted operations to a "delegatee application," which is an application that performs a specialized function for a selling partner (such as shipping, tax invoicing, or tax
remittance services) but is not directly authorized by the selling partner.

Delegating authorization starts with App registration. The App registration form has been updated to allow you to indicate when an app will delegate access to PII to another app.

The createRestrictedDataToken operation has been enhanced to accept the application ID of the delegator app.

Which marketplaces are affected?

This change applies to all marketplaces.

Who is affected?

Developers whose apps use the Orders, Reports, or Merchant Fulfillment APIs and whose apps delegate access to PII to another app are affected.

Developers who apps access PII via a delegation from another app are also affected.

What action is required?

Developers who want to grant authorization to a delegatee application to perform a specialized function (that requires an RDT) can use the Tokens API to do so.

Developers using other Amazon MWS sections or sellers who directly integrate with Amazon MWS do not need to take action at this time.

More information

For more information, see

• SP-API Developer Guide
• Tokens API Reference
• Tokens API Use Case Guide