Amazon DevPay
Getting Started Guide (API Version 2007-12-01)

Web Products

This section describes how web products meet the DevPay requirements to ensure the correct customer is billed for use of the product. For additional requirements applicable to Amazon S3 products that use DevPay, see Ways to Use DevPay.

Following are the main differences between an Amazon DevPay web product and a regular web product:

  • The DevPay web product must have the DevPay product token embedded in it so it can use the product token as required in requests to AWS (you obtain the product token when you register the product with DevPay; for more information, see Product Registration).

  • The DevPay web product must call the License Service to activate itself and obtain a user token for the specific customer using the product. The product must store the user token securely and include it in each request to the Amazon Simple Storage Service on behalf of that customer.

  • The DevPay web product must include an additional header in the REST Amazon S3 request (to pass the user token and optional product token).

The preceding items are required to make your product handle customer authentication correctly for DevPay. The overall process of customer authentication for a web product is described in the diagram and corresponding steps that follow.

Overall process for web products

Overall Process of Authentication for Web Products

The customer signs up for the product by clicking the purchase URL AWS provided you during product registration. When the customer completes the purchase, AWS generates an activation key for that customer and makes it available to your server.

Your product sends a signed request to the License Service to activate itself and obtain a user token for the customer. The request includes the product token for your product and the activation key.

Your product appropriately stores the user token it has received. Your product should associate the user token with the customer who is logged in to your web product.

Later, when the customer uses the product, the product makes an Amazon S3 request on behalf of the customer. In the process, the product retrieves and includes the customer's user token and the product token in the request.


The product token is optional in the REST request if the web product has a user token created after May 15, 2008.