Tags: authentication, oauth-2.0, jwt, bearer-token, login-with-amazon

Does Login With Amazon (LWA) service produce a JWT token?


The access token produced by the Login with Amazon (LWA) service is a bearer token which doesn't seem to be a valid JWT according to the https://jwt.io/ and http://jwt.calebb.net decoders:

Atza|IwEBIB2nUez1mH8PBGvzX5FbKb7zKdMJJd_isubqRPZub***sT7ubOV_IFiS-isAvrd-tIV4-1FkH8nZ3q8pjAsQ8bSpm812VdzJ2KLdHgRDRDd1F8b0oO4gYiVoW_2ROOysAT5DvEz7MzlVMVSwFgrOPLwYA_naa6qV0osBrAz4VM_rIXYWj*********_40DDEwNcz27myJvXJUTObwiG02P6jbcqqNZy1AlGG2spaz0WfIWbuX1b5XFmroB1lPavu8l0PIq3QNn5J38PdqCYqpOuZqIKvLkSVVB9YonX6E33Z4wR9cpQWGUWrEuXwcUdxVEaN0PtzbdDfXXXXXX10XsR7tgjSjBahyn40vzfSWe_P-jkuKN-7Bxy5vARughxeKSZ0el0kFeoYXdJlNR5qE8VQQpQHBe7Y-JrmA4VyGo6MyqgJvrAvFtvee5Pn8bTSV**********0t4sOQH1FzN2Rsdikp26sGnSWwPmGiD_VNvubIHCnXtkKPq62TnFMHsptl-va1I_4gVZgYt6dBylCA08-s9lKwq8orWcWvcnUtw

I just wanted to verify that the above statement is a correct assertion, as well as get some clarification on the following:


Solution

  • What is the relationship/the difference between a bearer token and a JWT, and when does the former need to be used in favor of the latter (or otherwise)?

    JWT is just a format. I don't know what you mean by bearer token, but if you refer to RFC 6750, a JWT token can be used in this case as well as any other token that complies with the syntax for bearer credentials.

    A comparison between a format and a protocol makes no sense.

  • Is it possible to convert from one format to another? Are they interchangeable?

    As the token you provided looks opaque, it will be difficult to convert it from this format to another. It could be possible to do it with detailed documentation.

  • Is LWA OpenID Connect compliant? Would an OpenID Connect compliant IdP be required to produce an ID token in the JWT format, or is it free to use any format of its choosing?

    No. In an OAuth2/OIDC context, and contrary to the access token that can have any format you want, the ID token must be a JWT (signed and possibly encrypted). No other format is allowed by the specification.
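To make the answer's distinction concrete, here is an added example (not part of the question or the answer, and not Amazon's code) that checks whether a string is structurally a JWT, classifies an opaque LWA-style string accordingly, and verifies an HS256 signature so the "signed" property of an ID token is visible. The `Atza|...` sample and the HMAC key are constructed placeholders, not real credentials.

```python
import base64
import hashlib
import hmac
import json

def _b64url_decode(part: str) -> bytes:
    # JWT segments are base64url without padding; restore padding before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def jwt_header(token: str):
    """Decoded JOSE header if `token` is structurally a JWT (RFC 7519), else None.
    A JWT is three base64url segments joined by '.', the first a JSON object naming
    'alg'; an opaque string such as LWA's 'Atza|...' fails the very first check."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    try:
        header = json.loads(_b64url_decode(parts[0]))
    except ValueError:  # bad base64 (binascii.Error), bad UTF-8 or bad JSON
        return None
    return header if isinstance(header, dict) and "alg" in header else None

def classify_token(token: str) -> str:
    return "jwt" if jwt_header(token) is not None else "opaque"

def make_hs256_jwt(claims: dict, key: bytes) -> str:
    """Build a minimal HS256-signed JWT (the shape an OIDC ID token must have)."""
    enc = lambda obj: _b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = enc({"alg": "HS256", "typ": "JWT"}) + "." + enc(claims)
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)

def verify_hs256(token: str, key: bytes) -> bool:
    """Check the HS256 signature in constant time; a tampered payload or wrong key fails."""
    header = jwt_header(token)
    if header is None or header.get("alg") != "HS256":
        return False
    signing_input, sig = token.rsplit(".", 1)
    expected = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, _b64url_decode(sig))

# Constructed samples (not real credentials): an LWA-style opaque string and a locally signed JWT.
OPAQUE_SAMPLE = "Atza|IwEBIExampleOpaqueAccessTokenNotARealCredential"
DEMO_KEY = b"constructed-demo-key"
JWT_SAMPLE = make_hs256_jwt({"iss": "https://idp.example", "sub": "user-123"}, DEMO_KEY)
```

An opaque access token can only be checked by asking the issuer (introspection or a userinfo call), whereas a JWT ID token is validated locally against the issuer's published key, which is exactly why OIDC pins the ID token to the JWT format.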