OAuth2 for managing Amazon Alexa Lists
I want to create a button in my website that takes the user to an Amazon URL that allows the user to grant my website permission to manage their Alexa lists (and then generates a code that it includes in a GET request that happens as a redirect to a "callback" URL that I registered as the redirect_uri when setting up OAuth2 in Amazon).
But I've found Amazon's docs incredibly unhelpful.
I see permissions / scopes mentioned here called alexa::household:lists:read alexa::household:lists:write.
But I don't even know whether those scopes are valid for what I'm trying to do. Christina thinks not.
I've set up my API endpoint (which I'll specify at redirectUrl) to exchange the Amazon authorization code for an Amazon access token following the code examples shown there.
I've set oauth2BaseUrl to be 'https://www.amazon.com/ap/oa' (found at https://developer.amazon.com/docs/login-with-amazon/authorization-code-grant.html).
I created an Alexa "skill" on the AWS site (even though I don't know if I'm supposed to).
For client ID, I'm using the one for my Alexa skill that I created. Is that correct?
Here are permissions I've added in my Skill:
I always get:
400 Bad Request
An unknown scope was requested
But if I just use these different scopes instead, I see it behave how I'd expect (but I lack List permissions): alexa::skills:account_linking postal_code profile:user_id.
P.S. Since I'm not looking to offer a federated login feature, I'm not interested in setting up Login With Amazon unless it's required for what I'm trying to do (just manage someone's Alexa lists).
I finally figured out how to get my Next.js app to connect to my Amazon Alexa lists: https://stackoverflow.com/a/77366772/470749
- Timeout when trying to retrieve EC2 instance-id metadata from within it
- Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect)
- Downloading an entire S3 bucket?
- Unable to unzip .zip file on linux machine
- Missing Authentication Token while accessing API Gateway?
- AWS S3 Access Denied when open object URL in browser
- AWS Lambda NodeJs unable to return response
- How can I access my AWS MSK managed kafka queue from my local machine and EC2 instances in other regions
- How to recreate EC2 instances of an autoscaling group with terraform?
- AWS Cloudwatch Alarm Issue
- AWS EC2 | using Rusoto SDK: Couldn't find AWS credentials
- How to enable "Use for Hive table metadata" in "AWS Glue Data Catalog settings" using Terraform?
- Determine if instance is a part of some AutoScaling Group in AWS
- Difference bw "start_of_file" and "end_of_file" in AWS cloud agent configuration
- not authorized to perform: ec2:DescribeInstances because no identity-based policy allows the ec2:DescribeInstances action
- Environment specific ebextensions Beanstalk commands
- Deleting records from a DynamoDB table where the TTL value has been set incorrectly
- MySQL/Amazon RDS error: "you do not have SUPER privileges..."
- Is EC2 t3.micro created by ECS cluster eligible for free tier?
- Amazon Neptune OpenCypher - What is the cause for "Operation terminated (internal error)" when using SET after MERGE?
- AWS SAM CLI cannot access Dynamo DB when function is invoked locally
- EC2 instance connect : There was a problem setting up the instance connection
- Wildcard filter in aws-nuke
- Add advanced validation for AWS::Serverless::Api GET query params
- Organizing AWS IAM permissions: limit of 10 policies?
- AWS: S3 Bucket AWS You can't grant public access because Block public access settings are turned on for this account
- failed calling webhook "vingress.elbv2.k8s.aws"
- terraform tags for list variable not working
- Amazon SES successfully forwarded emails but respond with 451 4.3.0 This message could not be delivered
- Why should I use Amazon Kinesis and not SNS-SQS?