Extend API role to include PII (Personally Identifiable Information)

Hi,

I am using the “make an api call” module from the Amazon Seller Central app and call GET /orders/v0/orders/301-xxxxxxx-xxxxxxx/orderItems/buyerInfo to get the BuyerCustomizedInfo from a Amazon Custom order.

I have tried multiple orders and here is an example of an order that has 2 items. The second item is a regular item without an option to customize but the first item can be customized. You can add some text that will be printed on the item before shipped.

Like this:

We would like to get this info to automatically process the orders. Unfortunately the response of Amazons SellerCentral API is empty bus doesn’t show any errors.

I have done some research and it looks like, a seller has to include the role PII (Personally Identifiable Information) to the API access. I tried to add or update the “scopes” but that is not possible als scopes are set by the authorization process when connecting make with SellerCentral.

Could you update the connection to include PII (Personally Identifiable Information)? Or does anyone have a trick on how to include the BuyerCustomizedInfo?

Many thanks,
Gijs

That’s a great idea! I’m sure others would agree that adding this OAuth scope is a nice feature to have.

You can submit this suggestion to the Idea exchange, under App improvement ideas.

Don’t forget to search for it first, just in case someone already suggested it, so that you don’t end up creating a duplicate.
Screenshot_2024-01-17_130153

1 Like

So is it necessary to expand the scope on the Amazon side, then create a new connection on the Make side, then update the modules to use the newly-created connection?

Thanks to @Manuel.Techflow.ai ! He showed me a way to create a Restricted Data Token which provides a secure way to access a customer’s PII.

I was able to create such a token using the Make an API Call module and I then used the token in the header to fire the next call. But unfortunately the response is still empty.

Since I don’t receive any error messages from Amazon, I expect that some setting in SellerCentral is set wrong. I asked SellerCentral support but haven’t received an answer. I will keep you updated, as soon as I have heard from Amazon.

Eventually :make: Make has already set up this Restricted Data Token process. I am not sure as I can’t see what is happening in the background.

1 Like

Have you managed to get any update on this? I have been having problems obtaining this data since the beginning of the year. I am sure it is possible to obtain them because on the order handling system (Baselinker) they are downloaded correctly!

This is what I have tried so far:

Added a “Make an API Call” module in my scenario:
URL: /tokens/2021-03-01/restrictedDataToken
Body:

{
   "restrictedResources":[
      {
         "method":"GET",
         "path":"/orders/v0/orders/{{2.AmazonOrderId}}/orderItems",
         "dataElements":[
            "buyerInfo"
         ]
      }
   ]
}

Added another “Make an API Call” module:
URL: /orders/v0/orders/{{2.AmazonOrderId}}/orderItems
Header Key: x-amz-access-token
Header Value: {{8.body.restrictedDataToken}}

There is no error message when I request the RDT but the buyerInfo stays empty.

However, when I request the shippingAddress instead of the buyerInfo, it says: [400] Application does not have access to one or more requested data elements: [shippingAddress] (InvalidInput)
The same happens, when I request buyerTaxInformation.

I have asked Amazon SellerCentral support for this but sofar haven’t got any useful answers.

@ecomsilio I have the same problem as you and have also taken the same steps, but still no customisation information is displayed. Have you found a solution in the meantime?

Hi @myDartpfeil

No, I haven’t got it to work.

Cheers,
Gijs