Amazon DevPay
Developer Guide (API Version 2007-12-01)



Amazon DevPay is not accepting new seller accounts at this time. Please see AWS Marketplace for information on selling your applications on Amazon Web Services.


The ActivateDesktopProduct action is meant for desktop products or products installed in any type of distributed location (e.g., desktops, handheld devices, etc.). We recommend that web products use ActivateHostedProduct .

Calling ActivateDesktopProduct provides your desktop product with the following credentials for a specific customer:

  • User token

  • Secret Access Key

  • Access Key ID


The Secret Access Key and Access Key ID that ActivateDesktopProduct provides are not identical to the credentials available from the AWS web site. They work only with AWS service calls associated with Amazon DevPay. They can't be used for regular AWS service calls.

For information about how your product should store the credentials, see Credential Storage.

The credentials must be available and ready to use each time your product makes an Amazon Simple Storage Service request on behalf of that customer. The items work together as a unit. If one part is missing, your product must get a whole new set. For more information, see Desktop Product Exceptions.

Your product calls ActivateDesktopProduct to activate itself when the customer initially installs it. The product might require reactivation at other times. For more information, see Desktop Product Exceptions.

Activation succeeds regardless of whether the credit card the customer presents at sign-up time is valid. Even though activation succeeds, your product shouldn't send requests to Amazon S3 until the customer is actually subscribed (which depends on the credit card vetting or sign-up charge succeeding). For more information about how to confirm when a customer is actually subscribed, see Activation and Subscription Timing.

Request Authentication

Requests for ActivateDesktopProduct must be made over HTTPS, but they do not require any other special authentication.

Request Parameters

Name Description Required


The License Service action to perform. Set this to ActivateDesktopProduct.

Type: String

Default: None

Condition: Required for REST-Query requests (for more information, see REST-Query Requests). For SOAP requests, the action is automatically indicated in the SOAP request's root element (for more information, see SOAP Requests).



A product activation key, which the product obtains from the customer. For more information, see Desktop Product Activation.

Type: String with a maximum 30 characters; the length of this key could increase in the future

Default: None



The product token for your product, which is obtained during product registration. For more information, see Registering Your Product. The product token is prefixed with the literal string {ProductToken}.

Type: String

Default: None



The amount of elapsed time (in seconds) before the user token returned by the service should expire. The user token never expires unless you use this optional parameter. Once the user token expires, the product must reactive itself, or the customer won't be able to use it. For more information, see Reactivating the Product.

Type: xsd:duration (in seconds)

Default: No expiration time



The version of the API to use. For example: 2008-04-28

Type: String

Default: 2007-06-05

Condition: Highly recommended for REST-Query requests. Not applicable to SOAP requests (the API version is indicated in the namespace).


Response Elements

The response to this action contains the following elements in addition to the elements returned in all successful responses (for more information, see Structure of a Successful Response).

Name Description


The customer's AWS Access Key ID.

Type: String

Ancestor: ActivateDesktopProductResult


The customer's Secret Access Key, which you use to sign requests for Amazon S3.

Type: String

Ancestor: ActivateDesktopProductResult


The user token associated with the returned Secret Access Key and Access Key ID. The user token is prefixed with the literal string {UserToken}. The user token length varies, and we recommend you allot 1024 characters to store the value in your database. Note that the user token length is currently much shorter than this, but it could increase or decrease without notice.

Each time you request ActivateDesktopProduct for a particular customer, the user token you receive is different because the creation time is part of the information included in the token.

Type: String

Ancestor: ActivateDesktopProductResult


The errors listed in the following table are returned in addition to the errors returned by all actions. For more information, see Errors.


We might throttle requests to the License Service as necessary. When we throttle, we return a 503 (service unavailable) HTTP status code. Your system should be prepared to retry any request that receives a 503 code.

Name Description


The activation key is expired. Activation keys expire one hour after creation.

Action to take:

  1. Prompt the customer to go to the activate URL and generate a new activation key (the customer is asked to log in with an login).

  2. Prompt the customer for the new activation key.

  3. Re-request the action to activate the product with the new activation key and the other required parameters.


The activation key does not correspond to the product token. Each activation key is associated with a particular customer and a particular product. This error occurs if you provide an activation key for a DevPay product other than the one represented by the product token.

Action to take: Follow the instructions listed for ExpiredActivationKey.


The activation key is invalid or malformed.

Action to take: Same action as for ExpiredActivationKey


The product token is invalid for the signer.

Action to take: Make sure you have copied the product token correctly. You can view the product token for your product at any time by clicking View Product Details on your DevPay Activity page (at


The following example REST-Query request activates a desktop product.

Sample Request ?Action=ActivateDesktopProduct &ActivationKey=ADMAY7DVLJTWHJ76MMBMQEXAMPLE &ProductToken={ProductToken}YLFRL3e4lOHTgGSQa8BOKA....[long encoded token]... &Version=2008-04-28

Sample Response

<ActivateDesktopProductResponse> <ActivateDesktopProductResult> <UserToken> {UserToken}AAAHVXNlclRrbgfOpSykBAXO7g/zG....[long encoded token]... </UserToken> <AWSAccessKeyId> AKIAIOSFODNN7EXAMPLE </AWSAccessKeyId> <SecretAccessKey> wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY </SecretAccessKey> </ActivateDesktopProductResult> <ResponseMetadata> <RequestId> cb919c0a-9bce-4afe-9b48-9bdf2412bb67 </RequestId> </ResponseMetadata> </ActivateDesktopProductResponse>

Related Actions