I want users of my Next.js TypeScript app to grant it permission to manage their Alexa Lists (using the read:alexa:household:list write:alexa:household:list permissions / scopes).
I figured I'd need to create a button in my website that takes the user to an Amazon URL that allows the user to grant my website permission to manage their Alexa lists (and then generates a code that it includes in a GET request that happens as a redirect).
I figured the button would be a link to a URL defined like
const url = `${oauth2BaseUrl}?client_id=${encodeURIComponent(clientId)}&redirect_uri=${encodeURIComponent(redirectUrl)}&response_type=code&scope=${scope}`;
This is generally how Oauth2 works, in my experience.
But I've found Amazon's docs incredibly unhelpful.
I'm setting up my API endpoint (which I'll specify at redirectUrl) to exchange the Amazon authorization code for an Amazon access token following the code examples shown there.
Should oauth2BaseUrl be 'https://ift.tt/YFEkZd2' (found at https://developer.amazon.com/docs/login-with-amazon/authorization-code-grant.html)?
For client ID, I'm using the one for my Alexa skill that I created. Is that correct?
Are there any libraries that could make any of this easier?
Here are the only permissions I've added in my Skill:
Whether I set const scopes = 'alexa:all read:alexa:household:list write:alexa:household:list'; or const scopes = 'read:alexa:household:list write:alexa:household:list'; or const scopes = '';, I always get:
400 Bad Request
An unknown scope was requested
P.S. I also started setting up Login With Amazon, but I don't understand why that would be necessary. I'm not looking to offer a federated login feature.
No comments:
Post a Comment