Amazon Services
Amazon Marketplace Web Service (Amazon MWS) Documentation
Amazon MWS Documentation

Using the Content-MD5 hash with the SubmitFeed and GetFeedSubmissionResult operations

The Content-MD5 header and ContentMD5Value parameter are used as a message integrity check to verify that the decoded data received is the same data that was initially sent.

When you use the SubmitFeed operation, you must create an MD5 hash of the HTTP entity body, and include it in your request. You should include the hash in a ContentMD5Value parameter. This lets Amazon Marketplace Web Service (Amazon MWS) compare the MD5 hash you create with the MD5 hash it creates when it receives the feed. Amazon MWS can then determine if the feed submitted for processing is identical to the feed that was received. This process prevents corrupted descriptive data or pricing product data from appearing in Amazon product listings.

For backward compatibility, you can still include the hash in the Content-MD5 header when calling SubmitFeed. Passing the MD5 value as a SubmitFeed parameter instead of a header means that the MD5 hash is included in the method signature, which prevents anyone on the network from tampering with the feed content. Passing a Content-MD5 header prevents accidental corruption but not intentional tampering.

When you use the GetFeedSubmissionResult operation, you must calculate an MD5 hash for the received feeds report and compare that with the Content-MD5 header that is included in the response. If the two match, the report was not corrupted in transmission.

The Amazon MWS client libraries provide an easy way to pass in the Content-MD5 hash with every Amazon MWS request, as long as you send data that has been stored on disk and an MD5 hash has been created for the data. For more information about working with the Content-MD5 header, see Working with Content-MD5 checksums.