Login with Amazon (LWA) Credentials Rotation every 180 days
- ろびん
- 2023年7月6日
- 読了時間: 1分
For developers using Amazon service APIs such as SP-API, login with Amazon (LWA) credentials (client secret) should be rotated every 180 days. Regular and timely rotation of LWA client credentials can limit the lifetime of application credentials in the event of credential exposure or compromise.
Must rotate credentials before deadline?
If you do not renew your LWA credentials by the 180 day deadline, API integration will prevent you from accessing the Amazon Services API (SP-API). Critical business functions may be restricted, directly impacting customers who previously licensed the application.
How to rotate LWA credentials
You can generate a new LWA credential (client secret) by following the steps below.
1. Sign in to your developer account on Seller Central, Vendor Central, or Developer Central and go to the developer console page where all your applications are listed. To do.
2. From the LWA Credentials column, select View for the application with the expiry alert.
3. Existing LWA credentials can be securely stored in encrypted form for reference.
4. Select Rotate Credentials to generate a new LWA Client Secret.
5. Review the warning message and confirm to proceed with the credential rotation.
6. Update your application to use the new LWA client secret.
For more information, see Rotating Application LWA Credentials in the Amazon Services API Documentation.