Amazon SP-API
How we use the Amazon Selling Partner API — and what it means for your store data.
我们如何使用 Amazon Selling Partner API,以及这对您店铺数据意味着什么。
Mint Hub Operations is an application being developed and registered under the Amazon SP-API Public App program. It is designed to help cross-border sellers access their own store data — inventory levels, order summaries, and advertising records — within a secure internal operations workspace.
Mint Hub Operations 是一款正在 Amazon SP-API Public App 计划下开发和注册的应用程序。它旨在帮助跨境卖家在安全的内部运营工作台中访问自己的店铺数据——包括库存水平、订单摘要和广告记录。
All data access is scoped strictly to stores that have explicitly authorized the application. We never access a seller's data without going through Amazon's standard OAuth consent flow.
所有数据访问均严格限定于已明确授权本应用的店铺。未经 Amazon 标准 OAuth 授权流程,我们绝不访问任何卖家数据。
This application serves Amazon sellers and operations teams who need aggregated, readable data from their authorized stores for internal decision-making: inventory replenishment planning, ad budget review, and order fulfillment monitoring.
本应用面向 Amazon 卖家及运营团队,为其提供来自已授权店铺的汇总、可读数据,支持内部决策:库存补货规划、广告预算审查和订单履行监控。
This is an internal operational tool — not a public data marketplace or analytics resale platform.
这是一款内部运营工具——而非公开数据市场或数据分析转售平台。
Mint Hub Operations requests only the minimum SP-API roles necessary for the features described. Data accessed via SP-API is used solely to display inventory, order, and advertising information within the authorized seller's own workspace.
Mint Hub Operations 仅申请功能所需的最低 SP-API 权限。通过 SP-API 获取的数据,仅用于在已授权卖家自己的工作台中展示库存、订单和广告信息。
We do not sell, share, or transfer seller data to any third party. Data is not used for advertising, profiling, or any purpose outside of what the authorizing seller would expect from their own operations tool.
我们不向任何第三方出售、共享或转让卖家数据。数据不用于广告投放、用户画像或授权卖家预期运营工具范围之外的任何目的。
Authorization Flow
授权流程
The seller clicks the authorization link from the Mint Hub website or Selling Partner Appstore listing.
卖家点击 Mint Hub 网站或 Selling Partner Appstore 页面中的授权链接。
Amazon presents the standard consent screen showing exactly which permissions are being requested. The seller reviews before approving.
Amazon 展示标准授权确认页面,明确显示所申请的权限范围,卖家在确认后方可批准。
After approval, Amazon sends an authorization code and the seller's Selling Partner ID to our redirect URI.
批准后,Amazon 将授权码和卖家的 Selling Partner ID 发送至我们的回调地址。
We exchange the short-lived authorization code for a refresh token. The token is encrypted and stored per store — the original code is discarded immediately.
我们用短效授权码换取刷新令牌。令牌加密存储并按店铺隔离——原始授权码立即丢弃。
The seller's workspace is connected. Data is fetched only when needed and only for that specific authorized store.
卖家工作台成功连接。数据仅在需要时按需获取,且只针对该特定已授权店铺。
Amazon seller authorization is in development. The button below will activate once the integration is live.
Amazon 卖家授权功能正在开发中,集成上线后按钮将自动激活。
Authorize with Amazon — Coming Soon Amazon 授权——即将上线Questions? Contact us 有问题?联系我们
Data Security
数据安全
These are the core principles governing how we handle SP-API access tokens and seller data.
以下是我们处理 SP-API 访问令牌和卖家数据的核心原则。
We request only the SP-API roles needed for declared features. No scope creep, no broad data access.
我们仅申请功能所声明所需的 SP-API 权限,不扩大范围,不进行宽泛的数据访问。
Refresh tokens are encrypted at rest. Access tokens are ephemeral and never written to disk.
刷新令牌静态加密存储。访问令牌为临时性,绝不写入磁盘。
Each seller's data is isolated. No user can access another store's data through our workspace.
每位卖家的数据独立隔离,任何用户均无法通过我们的工作台访问其他店铺数据。
Sellers revoke access via Amazon Seller Central. We stop all data access immediately upon notification.
卖家可通过 Amazon Seller Central 撤销授权,我们在收到通知后立即停止所有数据访问。
SP-API data is never sold, shared with third parties, or used beyond the seller's own workspace.
SP-API 数据绝不出售、不与第三方共享,也不用于卖家自身工作台之外的任何目的。
All data access events are logged with timestamp and reason, available for review on request.
所有数据访问事件均记录时间戳和原因,可根据请求提供审查。
The following roles are planned for the first version. We enable a role only once the corresponding feature is live and declared to Amazon.
以下权限计划用于第一版本。每项权限仅在对应功能上线并向 Amazon 声明后方才启用。
We avoid buyer PII, restricted data roles, and any role not directly tied to the operational features described above.
我们不申请买家个人信息、受限数据权限,以及任何与上述运营功能无直接关联的权限。
If you have questions about how we use SP-API data or want to understand more about our authorization process, please contact us or review our Privacy Policy.