question

esi avatar image
esi asked

Different access tokens

Hi,


I am trying to create a smart home skill for several users. I use server outside amazon services with database storing devices and users to whom those devices belong.

I configured account linking with my lambda function and for that I use 'Auth Code Grant'. Everything is fine until I get to access tokens. I followed this documentation:

Authenticate a customer to Alexa

While linking, my lambda function receives authorization code, which next I use in HTTP POST to request user access and refresh token. Then I save those tokens in my DB to differentiate users.

This is response from amazon in my CloudWathc Logs:

http://prntscr.com/n7runt

I would like to know why token in authorization is different from that one I receive from Http response ?

Another thing is that access token changes every 3600 seconds (1 hour) and in this case if nobody invokes skill, my lambda function cant know who invoked skill when token is changed and I have no chance to compare with token received from response.

Next thing is that even though I use refresh token I will receive new access token but it is useless for me when this token is different from that one I receive from alexa in directives.


Please, can someone explain how this works ?

lambdaaccount linkingsmart homeaccount information
10 |3000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

esi avatar image
esi answered

Thanks for comment @philchillbill, you are right.


After searching for others' problems I finally found a way how to handle my problem.

This article Obtain Customer Profile Information explains how LWA works, but I didn't realize in a moment when i was reading it that I can use it with my lambda function.

In a section 'Call the profile Endpoint Server-side' there are 3 examples of HTTP POST to get user information.

For me that was exactly what i was looking for. With every request from Alexa, I just check received token by sending POST. I receive all important information that I need and I can easily check with my DB which user invoked Alexa ;)

P.S. easy, it is a shame I wasted a lot of time for searching for this solution. There are so many documentations and so many articles provided by Amazon that sometimes it is very unclear to understand what you are looking for.

10 |3000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

esi avatar image
esi answered

Thread can be closed, I found a solution.

1 comment
10 |3000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Maybe you could share your solution so that others can benefit...

2 Likes 2 ·