amazon-web-servicesoauth-2.0oauthalexa-skills-kit

OAuth2 for managing Amazon Alexa Lists


I want to create a button in my website that takes the user to an Amazon URL that allows the user to grant my website permission to manage their Alexa lists (and then generates a code that it includes in a GET request that happens as a redirect to a "callback" URL that I registered as the redirect_uri when setting up OAuth2 in Amazon).

But I've found Amazon's docs incredibly unhelpful.

I see permissions / scopes mentioned here called alexa::household:lists:read alexa::household:lists:write.

But I don't even know whether those scopes are valid for what I'm trying to do. Christina thinks not.

I've set up my API endpoint (which I'll specify at redirectUrl) to exchange the Amazon authorization code for an Amazon access token following the code examples shown there.

I've set oauth2BaseUrl to be 'https://www.amazon.com/ap/oa' (found at https://developer.amazon.com/docs/login-with-amazon/authorization-code-grant.html).

I created an Alexa "skill" on the AWS site (even though I don't know if I'm supposed to).

For client ID, I'm using the one for my Alexa skill that I created. Is that correct?

Here are permissions I've added in my Skill:

enter image description here

I always get:

400 Bad Request
An unknown scope was requested

But if I just use these different scopes instead, I see it behave how I'd expect (but I lack List permissions): alexa::skills:account_linking postal_code profile:user_id.

P.S. Since I'm not looking to offer a federated login feature, I'm not interested in setting up Login With Amazon unless it's required for what I'm trying to do (just manage someone's Alexa lists).


Solution

  • I finally figured out how to get my Next.js app to connect to my Amazon Alexa lists: https://stackoverflow.com/a/77366772/470749