Picpol2 avatar image
Picpol2 asked

Send Alexa Events - Invalid Grant


I've followed the steps under "Authenticate a Customer to Alexa with Permissions," but I always get the following error message: {"error_description": "The request has an invalid grant parameter: code", "error": "invalid_grant"}. No matter if I make the authorization with my Lambda function or with the Python example code from Amazon provided under Alexa Smart Home: sample_async. I have checked the parameters grant_type, code, client_id, client_secret several times and can not find any errors.

The values for client_id, client_secret have been taken from the Developer Console under "Build-> PERMISSIONS-> Alexa Skill Messaging"

As value for code, I used "XXXXXXXXXXXX" from "directive.payload.grant.code" of AcceptGrant, which I received after successful account linking.:

    "directive": {
        "header": {
            "namespace": "Alexa.Authorization",
            "name": "AcceptGrant",
            "payloadVersion": "3",
            "messageId": "db52a26f-3fb3-4cf3-a948-d04d7c664fab"
        "payload": {
            "grant": {
                "type": "OAuth2.AuthorizationCode",
                "code": "XXXXXXXXXXXX"
            "grantee": {
                "type": "BearerToken",
                "token": "Atza|YYYYYY"

Does anyone have a tip for me?

Regards Werner

alexa smart homeaccount linkingpermissions
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

After multiple deactivate => activate => account linking operations, the Python example works fine. Why my lambda code did not work at the beginning I do not know exactly. The only deliberate change I made was to specify "host" instead of "hostname" in the https options.
0 Likes 0 ·

That's the root cause, "host" is the correct parameter for this http request.

0 Likes 0 ·

Hi Picpol2, can you explain how you fixed this in more detail? I am getting the same error you had. What https options are you referring to? I'm using a call like:

lwa_data = {
                'grant_type': "authorization_code",
                'code': "<code from payload.grant.code>",
                'client_id': '<...>',
                'client_secret': '<...>'
            lwa_req ='', data=lwa_data)

(I also tried adding allow_redirects and explicit headers as per

                "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"
lwa_req ='', headers=LWA_HEADERS, data=lwa_data, allow_redirects=True)

but it made no difference.)

I've logged and checked the outgoing request parameters and they look fine.

Would much appreciate any hints you can give me!

0 Likes 0 ·

Hi SebW,

the post data needs to by url encoded (as you also specify in the content type).

You could use "querystring.stringify" to do this:

  const lwa_data = querystring.stringify({
    "grant_type" : "authorization_code",
    "code" : code,
    "client_id" : "xxx",
    "client_secret" : "xxx"

Best regards


0 Likes 0 ·
Show more comments

0 Answers