Amazon SP-API
How we use the Amazon Selling Partner API — and what it means for your store data.
我们如何使用 Amazon Selling Partner API,以及这对您店铺数据意味着什么。
Mint Hub Operations is a public SP-API application under registration review. It is designed for Amazon sellers who want to connect their own authorized seller account data to Mint Hub's private operations workspace — covering inventory levels, order summaries, and listing information.
Mint Hub Operations 是一款处于注册审核阶段的 Amazon SP-API Public App,面向希望将自身已授权 Amazon 店铺数据接入 Mint Hub 私有运营工作台的卖家,涵盖库存水平、订单摘要和 Listing 信息。
All data access is scoped strictly to stores that have explicitly authorized the application. We never access a seller's data without going through Amazon's standard OAuth consent flow.
所有数据访问均严格限定于已明确授权本应用的店铺。未经 Amazon 标准 OAuth 授权流程,我们绝不访问任何卖家数据。
This application serves Amazon sellers and operations teams who need aggregated, readable data from their authorized stores for internal decision-making: inventory replenishment planning, ad budget review, and order fulfillment monitoring.
本应用面向 Amazon 卖家及运营团队,为其提供来自已授权店铺的汇总、可读数据,支持内部决策:库存补货规划、广告预算审查和订单履行监控。
This is an internal operational tool — not a public data marketplace or analytics resale platform.
这是一款内部运营工具——而非公开数据市场或数据分析转售平台。
Mint Hub Operations requests only the minimum SP-API roles necessary for the features described. Data accessed via SP-API is used solely to display inventory, order, and advertising information within the authorized seller's own workspace.
Mint Hub Operations 仅申请功能所需的最低 SP-API 权限。通过 SP-API 获取的数据,仅用于在已授权卖家自己的工作台中展示库存、订单和广告信息。
We do not sell, share, or transfer seller data to any third party. Data is not used for advertising, profiling, or any purpose outside of what the authorizing seller would expect from their own operations tool.
我们不向任何第三方出售、共享或转让卖家数据。数据不用于广告投放、用户画像或授权卖家预期运营工具范围之外的任何目的。
Authorization Flow
授权流程
The seller clicks the authorization link from the Mint Hub website or Selling Partner Appstore listing.
卖家点击 Mint Hub 网站或 Selling Partner Appstore 页面中的授权链接。
Amazon presents the standard consent screen showing exactly which permissions are being requested. The seller reviews before approving.
Amazon 展示标准授权确认页面,明确显示所申请的权限范围,卖家在确认后方可批准。
After approval, Amazon sends an authorization code and the seller's Selling Partner ID to our redirect URI.
批准后,Amazon 将授权码和卖家的 Selling Partner ID 发送至我们的回调地址。
We exchange the short-lived authorization code for a refresh token. The token is encrypted and stored per store — the original code is discarded immediately.
我们用短效授权码换取刷新令牌。令牌加密存储并按店铺隔离——原始授权码立即丢弃。
The seller's workspace is connected. Data is fetched only when needed and only for that specific authorized store.
卖家工作台成功连接。数据仅在需要时按需获取,且只针对该特定已授权店铺。
Amazon seller authorization is available to approved beta sellers during our registration review period.
Amazon 卖家授权目前面向注册审核期间已批准的 Beta 卖家开放。
Request Beta Access 申请 Beta 访问Questions? Contact us 有问题?联系我们
Data Security
数据安全
These are the core principles governing how we handle SP-API access tokens and seller data.
以下是我们处理 SP-API 访问令牌和卖家数据的核心原则。
We request only the SP-API roles needed for declared features. No scope creep, no broad data access.
我们仅申请功能所声明所需的 SP-API 权限,不扩大范围,不进行宽泛的数据访问。
Refresh tokens are encrypted at rest. Access tokens are ephemeral and never written to disk.
刷新令牌静态加密存储。访问令牌为临时性,绝不写入磁盘。
Each seller's data is isolated. No user can access another store's data through our workspace.
每位卖家的数据独立隔离,任何用户均无法通过我们的工作台访问其他店铺数据。
Sellers revoke access via Amazon Seller Central. We stop all data access immediately upon notification.
卖家可通过 Amazon Seller Central 撤销授权,我们在收到通知后立即停止所有数据访问。
SP-API data is never sold, shared with third parties, or used beyond the seller's own workspace.
SP-API 数据绝不出售、不与第三方共享,也不用于卖家自身工作台之外的任何目的。
All data access events are logged with timestamp and reason, available for review on request.
所有数据访问事件均记录时间戳和原因,可根据请求提供审查。
The following roles are planned for the first version. We enable a role only once the corresponding feature is live and declared to Amazon.
以下权限计划用于第一版本。每项权限仅在对应功能上线并向 Amazon 声明后方才启用。
We do not request buyer PII or restricted roles in the first version. Any advertising data integration, if supported in the future, will be handled through a separate Amazon Ads API authorization flow and is not part of this SP-API application.
第一版不申请买家 PII 或 restricted roles。如未来支持广告数据集成,将通过单独的 Amazon Ads API 授权流程处理,不属于本 SP-API 应用的一部分。
If you have questions about how we use SP-API data or want to understand more about our authorization process, please contact us or review our Privacy Policy.