I'm trying to prototype an Alexa Connected Home skill and one of the requirements is linking a user's account using Oauth 2.0. Since I'm just building a prototype and I don't have an Oauth server up and running what's the easiest way for me satisfy Amazon Oauth requirement?
I've tried following the instructions on Tips for Using Login with Amazon in Alexa Connected Home CoHo Skills but it failed with an uninformative error message no matter what I tried.
tl;dr
Login With Amazon Console:
Allowed Origins: https://amazon.com
Allowed Return URLs: <copied from "Redirect URL" in the Alexa Developer Console>
Alexa Developer Console:
Authorization URL: https://www.amazon.com/ap/oa
Access Token URI: https://api.amazon.com/auth/o2/token
Scope: profile:user_id
Client Id: <copied from "Client Id" in the Login With Amazon Console. eg. amzn1.application-oa2-client.xxxxxxxxxxx >
Client Secret: <copied from "Client Secret" in the Login With Amazon Console.>
I was able to use Login with Amazon as the Oauth provider. I followed the documentation in the Login with Amazon Web Developer Guide and found the configuration that I had been missing.
To get Login With Amazon to work I did the following:
Open the Amazon Alexa developer console and go to the configuration tab of your skill (the page that has the information about Account Linking.
Set the Authorization URL to https://www.amazon.com/ap/oa
Set the Scope to profile:user_id
Set the Access Token URI to https://api.amazon.com/auth/o2/token
copy the Redirect URL that is in this page for the Login with Amazon configuration (example Redirect URL: https://pitangui.amazon.com/api/skill/link/xxxxxxxxx ).
Follow Steps 1, 2, and most of 3 from Tips for Using Login with Amazon in Alexa Connected Home CoHo Skills for "Using Login with Amazon as your OAuth provider".
Step 1 - Create a New Security profile
To create a new security profile on Login with Amazon, go the Developer Console and navigate to Login with Amazon by clicking on Apps & Services. Once you are on the Login with Amazon developer console page, click the Create a New Security Profile button.
Fill in the required information and hit Save.
Step 2 - Obtain Your OAuth Credentials
Your newly created security profile will now be available in the list of Login with Amazon Configurations.
You will receive the Client ID and Client Secret. Please include this information when you submit your skill adapter for test provisioning.
Click Show.
Step 3 - Whitelist Your Alexa Connected Home Skill
Next, we need to whitelist the Alexa Connected Home skill’s endpoints within your Login with Amazon security profile. First, enter the Web Settings of your security profile:
This is when I stopped following the instructions from that blog post. I now set the Allowed Origins and Allowed Return URLs. The Allowed Origins should be https://amazon.com
, and the Allowed Return URLs should be the Redirect URL copied from the Account Linking page from the Alexa Developer Console
Copy both the Client Id and the Client Secret from the Login With Amazon Console and paste them into the Client Id and Client Secret fields of the Alexa Developer Console.