Menu
Amazon DevPay
Developer Guide (API Version 2007-12-01)

Quick Reference for Amazon S3 Products

The purpose of this section is to bring summary information about identifiers and authentication for desktop and web products together in one convenient location. The details are given elsewhere in this guide as indicated.

Desktop Products

Your desktop product uses identifiers for itself and for customers. For information about when the desktop product uses each of the identifiers, see Authentication and Parameter Requirements.

Product Identifiers

IdentifierWhen Obtained

product token

When you register your product (for more information, see Registering Your Product).

Your Identifiers

Your desktop product uses none of your own identifiers. Your Access Key ID and Secret Access Key are not used at all by desktop products. For information about your Access Key ID and Secret Access Key, see Your AWS Access Credentials.

Customer Identifiers

Identifier

When Obtained

Access Key ID and Secret Access Key

When your desktop product calls ActivateDesktopProduct .

Note

The Access Key ID and Secret Access Key work only with AWS service calls associated with Amazon DevPay. They can't be used for regular AWS service calls.

activation key

When the customer buys your product or goes to the activate URL. The desktop product then gets the activation key from the customer.

user token

When your desktop product calls ActivateDesktopProduct. The user token is not the customer's Access Key ID.

Authentication and Parameter Requirements

Desktop products make calls to both the License Service and Amazon S3. The authentication and parameter requirements are summarized in the following table.

Note

The License Service actions typically require other parameters in addition to those listed in the following table. For a complete list of parameters that an action uses, see the action description in the API reference.

Service or Action

Authentication and Parameter Requirements

ActivateDesktopProduct

REST-Query and SOAP calls do not need to be signed. The requests must be made over HTTPS.

The request must include the product token and the activation key. The response includes the customer's user token, Secret Access Key, and Access Key ID.

VerifyProductSubscriptionByTokens

REST-Query calls must include the customer's Access Key ID and be signed using the customer's Secret Access Key. The requests must be made over HTTPS.

SOAP requests are not allowed for this action.

The request must include the product token and the customer's user token. The response contains a Boolean value.

Amazon S3

REST calls must include the customer's Access Key ID and be signed using the customer's Secret Access Key. They must not use your own Access Key ID and Secret Access Key.

The REST request must include the product token and the customer's user token.

Important

Amazon S3 requests that use DevPay must be REST requests or pre-signed URLs; SOAP requests are not supported for DevPay.

Web Products

Your web product uses identifiers for itself, for you, and for customers. For information about when your web product uses each of the identifiers, see Authentication and Parameter Requirements.

Product Identifiers

IdentifierWhen Obtained

product code

When you register your product (for more information, see Registering Your Product).

product token

When you register your product.

Your Identifiers

IdentifierWhen Obtained

Access Key ID and Secret Access Key

When you created the AWS developer account that you used to register your product (for more information, see Your AWS Access Credentials).

Customer Identifiers

Identifier

When Obtained

activation key

When the customer buys your product or goes to the activate URL. Your web product then gets the activation key from the customer (alternately, your system can get it directly from AWS; for more information, see The Activation Key).

persistent identifier (PID)

When your web product calls ActivateHostedProduct .

user token

When your web product calls ActivateHostedProduct.

Unlike desktop products, web products do not use a Secret Access Key and Access Key ID for the customer; only your Secret Access Key and Access Key ID are used.

Authentication and Parameter Requirements

Web products make calls to both the License Service and Amazon S3. The authentication and parameter requirements are summarized in the following table.

Note

The License Service actions typically require other parameters in addition to those listed in the following table. For a complete list of parameters that an action uses, see the topic for the action.

Service or Action

Authentication and Parameter Requirements

ActivateHostedProduct

REST-Query calls must include your Access Key ID and be signed using your Secret Access Key. The requests must be made over HTTPS.

SOAP requests must use WS-Security and your X.509 certificate. The requests must be made over HTTPS.

The request must include the product token and the activation key. The response includes the customer's user token and persistent identifier (PID).

GetActiveSubscriptionsByPid

REST-Query calls must include your Access Key ID and be signed using your Secret Access Key. The requests must be made over HTTPS.

SOAP requests must use WS-Security and your X.509 certificate. The requests must be made over HTTPS.

The request must include the customer's persistent identifier (PID). The response contains a list of product codes.

VerifyProductSubscriptionByPid

REST-Query calls must include your Access Key ID and be signed using your Secret Access Key. The requests must be made over HTTPS.

SOAP requests must use WS-Security and your X.509 certificate. The requests must be made over HTTPS.

The request must include the product code and the customer's persistent identifier (PID). The response contains a Boolean value.

Amazon S3

REST calls and pre-signed URLs must include your Access Key ID and be signed using your Secret Access Key (like regular Amazon S3 REST calls or pre-signed URLs that don't use DevPay).

The REST request must contain the customer's user token. The product token is required only if your web product is using a user token created on or before May 15, 2008. Calls to ActivateHostedProduct made after that date return a new type of user token that eliminates the need to include the product token in the Amazon S3 request. Pre-signed URLs your web product creates must include this new type of user token and should not include the product token.

Important

Amazon S3 requests that use DevPay must be REST requests or pre-signed URLs; SOAP requests are not supported for DevPay.