Amazon Services
Amazon Marketplace Web Service (Amazon MWS) Documentation
Amazon MWS Documentation

MWS Developer Code of Conduct

We provide Amazon Marketplace Web Service (“MWS”) as a service to help sellers succeed and grow their businesses. In addition to any other Amazon terms that apply, these requirements apply to you if you create or manage MWS applications, and you make the applications available for use by other sellers.

  1. To access a seller’s account with MWS, you must use your own Secret Key and AWSAccessKeyId (provided when registering for MWS as a developer), along with the seller’s SellerId and the MWSAuthToken generated from their authorization of your DeveloperId. Sellers are prohibited from sharing their Secret Key and AWSAccessKeyId with third party developers or applications.
  2. Don’t ask for, or use, any seller’s Seller Central account password. Sellers can authorize your DeveloperId, to give you direct access to their accounts through MWS, without sharing passwords. If you require access to Seller Central, this can be granted through secondary user permissions on the Seller Central account. Also, don’t ask for, or use, any seller’s Secret Key or AWSAccessKeyId.
  3. Only access a seller’s account using MWS if you have a written agreement with the seller that governs the service you will provide. Your agreement must explain clearly what services you will provide to the seller, what information you will access, what actions you will take on behalf of the seller and when you will stop accessing the seller’s account. Only access data elements and MWS APIs that are directly related to, and necessary for, providing the services sellers have retained you to provide.
  4. Customers and sellers trust that you will protect information about them. Don’t publicly disclose or share information obtained through MWS (for instance, a seller’s sales revenue or an item’s product description) with any third parties. Do not do this even if you omit or obfuscate the seller’s identity or if you share aggregated seller data without identifying individual sellers.
  5. Don’t help or allow sellers to violate Amazon’s terms. If you discover that a seller is using your service to violate Amazon terms that apply to the seller, you must immediately notify Amazon and cut off the seller’s MWS access through your service.
  6. DeveloperIds are region specific, do not ask a seller to authorize more than one DeveloperId of yours within a single MWS region. You can find the regions and the marketplaces they cover here.
  7. Amazon businesses offer APIs tailored for specific purposes. Don’t use APIs for prohibited or unintended purposes (for instance, do not use the Associates Product-Advertising API to supplement a Selling on Amazon application).
  8. Don’t use robots to programmatically read from (also known as ‘scraping’), or write information to (e.g. creating support contacts), Seller Central or Amazon’s marketplaces.
  9. For each MWS region that you operate in, register for an Amazon seller account in your (or your company’s) name. You must have an Amazon seller account to acquire a MWS DeveloperId. It’s important for us to be able to reach you if we have updates about sellers or your account. Do keep the contact information on your account up to date.
  10. Please use MWS efficiently. We rely on users to exchange data in the most efficient way possible so that we can continue providing the service in a cost-efficient manner. For instance, you should not make API calls at unreasonably high frequencies (see Handling errors).
  11. Maintain top-notch information security and controls. If a seller has provided you with access to information about their business, that suggests the seller trusts you. Do not betray that trust. Make sure you take appropriate technical and organizational measures to protect against unauthorized or unlawful access or use of the information the seller provided to you.
  12. Use industry standard software development best practices. For example, your application should be able to gracefully handle exceptions (e.g. unexpected variations in the response format which may include the addition of new elements or the removal of those that were expected).