Sample code for 30+ languages & platforms
PHP ActiveX

Create Restricted Data Token (RDT)

See more Amazon SP-API Examples

Returns a Restricted Data Token (RDT) for one or more restricted resources that you specify.

Chilkat PHP ActiveX Downloads

PHP ActiveX
<?php

$success = 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$authAws = new COM("Chilkat.AuthAws");
$authAws->AccessKey = 'AWS_ACCESS_KEY';
$authAws->SecretKey = 'AWS_SECRET_KEY';
$authAws->ServiceName = 'execute-api';
// Use the region that is correct for your needs.
$authAws->Region = 'eu-west-1';

$rest = new COM("Chilkat.Rest");
$bTls = 1;
$port = 443;
$bAutoReconnect = 1;
// The sandbox endpoint (sandbox.sellingpartnerapi-eu.amazon.com) fails.
// Use the production endpoint and see the note below.
$success = $rest->Connect('sellingpartnerapi-eu.amazon.com',$port,$bTls,$bAutoReconnect);
if ($success == 0) {
    print $rest->LastErrorText . "\n";
    exit;
}

$success = $rest->SetAuthAws($authAws);

// Load the previously obtained LWA access token.
// See Fetch SP-API LWA Access Token
$jsonToken = new COM("Chilkat.JsonObject");
$success = $jsonToken->LoadFile('qa_data/tokens/sp_api_lwa_token.json');
if ($success == 0) {
    print 'Failed to load LWA access token.' . "\n";
    exit;
}

// Add the x-amz-access-token request header.
$lwa_token = $jsonToken->stringOf('access_token');
$rest->ClearAllHeaders();
$rest->AddHeader('x-amz-access-token',$lwa_token);

// We're going to send a POST with the following JSON body:

// {
//   "restrictedResources": [
//     {
//       "method": "GET",
//       "path": "/orders/v0/orders",
//       "dataElements": ["buyerInfo", "shippingAddress"]
//     }
//   ]
// }

// Use this online tool to generate code from sample JSON: 
// Generate Code to Create JSON

$json = new COM("Chilkat.JsonObject");
$json->UpdateString('restrictedResources[0].method','GET');
$json->UpdateString('restrictedResources[0].path','/orders/v0/orders');
$json->UpdateString('restrictedResources[0].dataElements[0]','buyerInfo');
$json->UpdateString('restrictedResources[0].dataElements[1]','shippingAddress');

$sbRequest = new COM("Chilkat.StringBuilder");
$json->EmitSb($sbRequest);

$sbResponse = new COM("Chilkat.StringBuilder");
$uri = '/tokens/2021-03-01/restrictedDataToken';
$success = $rest->FullRequestSb('POST',$uri,$sbRequest,$sbResponse);
if ($success == 0) {
    print $rest->LastErrorText . "\n";
    exit;
}

// ------------------------------------------------------------------------------------
// Note: Using the sandbox endpoint, such as sandbox.sellingpartnerapi-eu.amazon.com
// results in a response status code of 400 with the following error:
// [{"code":"InvalidInput","message":"Could not match input arguments"}]
// Getting a restricted data token seems to only work with the production endpoint.
// ------------------------------------------------------------------------------------

// Examine the response status.
$statusCode = $rest->ResponseStatusCode;
if ($statusCode != 200) {
    print 'Response status code: ' . $statusCode . "\n";
    print 'Response status text: ' . $rest->ResponseStatusText . "\n";
    print 'Response body: ' . "\n";
    print $sbResponse->getAsString() . "\n";
    print 'Failed.' . "\n";
    exit;
}

print $sbResponse->getAsString() . "\n";

// If successful, gets a JSON response such as the following:

// {
//   "expiresIn": 3600,
//   "restrictedDataToken": "Atz.sprdt|AYAB.....TQ="
// }

// Use this online tool to generate parsing code from sample JSON: 
// Generate Parsing Code from JSON

$jsonResp = new COM("Chilkat.JsonObject");
$jsonResp->LoadSb($sbResponse);

$expiresIn = $jsonResp->IntOf('expiresIn');
$restrictedDataToken = $jsonResp->stringOf('restrictedDataToken');

// Save the RDT for subsequent use..
$success = $jsonResp->WriteFile('qa_data/tokens/sp_api_rdt_token.json');

print 'Success!' . "\n";

?>