question

Tyson Cadnhead avatar image
Tyson Cadnhead asked

Alexa account linking not working for users who are not developers on my account

I built an app that is authenticating through Amazon web login api with these permissions:

alexa::ask:skills:readwrite alexa::skills:account_linking

For developers on my Alexa account, we're able to login and PUT to the the /v1/skills/${ALEXA_SKILL_ID}/stages/live/enablement endpoint and get back a valid response.

However, Alexa approved our app today and it turns out that everyone who isn't a developer on our account goes through the OAUTH flow fine, but once they PUT to the /v1/skills/${ALEXA_SKILL_ID}/stages/live/enablement endpoint, they are getting an error:

{"message":"You do not have access to the resource."}

I've verified that our client ID and secret are correct, that we've updated the stage to live etc... but nothing seems to work. Anything I might be missing?

My Skill ID is amzn1.ask.skill.5439443b-cbce-4a6c-9b90-5c58da4ad0ed

account linkingpermissions
10 |5000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

Andy Whitworth avatar image
Andy Whitworth answered

Perhaps take a step back and tell us what your app is looking to achieve ?

And when you say "app" can you clarify what you mean i.e. is it an Alexa skill, or something else ?

10 |5000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Tyson Cadnhead avatar image
Tyson Cadnhead answered

Yes, it is a skill, not an app.

Here is what I'm trying to achieve:

  • From our website, the user logs into Amazon using the LWA API ( https://developer.amazon.com/apps-and-games/login-with-amazon )
  • (I'm using the app client from the Alexa skill dashboard, not from the root login with Amazon)
  • (We are using Auth0 as our OAuth provider. Everything seems to be working properly. I have noticed that the live skill doesn't seem to have my OAuth information included like the dev version, but I wasn't sure if that was normal)
  • After the user authenticates successfully, I am calling the /v1/skills/${ALEXA_SKILL_ID}/stages/live/enablement api endpoint to enable the skill for my authenticated user and get their Alexa user id to stash in my database so I can pair the authenticated user with the actions they are attempting to perform
  • The enablement endpoint fails for everyone who is not a developer on my Amazon developers account even though we are live. It says I don't have access to the resource even though the auth flow granted alexa::ask:skills:readwrite and alexa::skills:account_linking
  • My expectation would be that every user would be able to authenticate and enable the skill, but I'm clearly missing something.
1 comment
10 |5000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Andy Whitworth avatar image Andy Whitworth commented ·

" I have noticed that the live skill doesn't seem to have my OAuth information included like the dev version, but I wasn't sure if that was normal)"

Can you expand on this ? I have a skill which uses account linking and the live skill account linking page (in the dev console) shows all the oauth information (apart from the client secret, which is not shown due to security considerations).

0 Likes 0 ·