question

Bcarbs avatar image
Bcarbs asked

invalid_grant redirect_uri during dash LWA

POST:
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Cache-Control: no-cache" -d 'grant_type=authorization_code&code=ANGM...&client_id=amzn1.application-oa2-client.1d46...&client_secret=6c92...&redirect_uri=https%3A%2F%2Fwww.getpostman.com%2Foauth2%2Fcallback' "https://api.amazon.com/auth/o2/token"

Response:
{
  "error_description": "The request has an invalid grant parameter : redirect_uri",
  "error": "invalid_grant"
}

Authorization Code Grant exchange of authorization_code for access and refresh tokens results in above error message.

Has something changed in how redirect_uri is verified? The last time I tested this was 1/23 and had no issues performing the OAuth2.0 handshake and authorization process then.

Here's the original authorization request url with redacted client_id...

https://www.amazon.com/ap/oa?client_id=amzn1.application-oa2-client.1d46c...&scope=dash%3Areplenish&scope_data=%7B%22dash%3Areplenish%22%3A%7B%22device_model%22%3A%22eb9edf13-5a38-4d72-b7e5-37a788e144bf%22%2C%22serial%22%3A%22arduino123456789%22%2C%20%22is_test_device%22%3A%22true%22%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fwww.getpostman.com%2Foauth2%2Fcallback

This delivers the reg process and then returns me the code, but exchange of this authorization_code results in the above error. Thanks for the help!

login with amazon
1 comment
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Hi Bcarbs

It seems in redirect URI you have used https & www of getpostman and in web settings you have mentioned only https, You need to replicate as it in web settings too.

0 Likes 0 ·

1 Answer

Jamie Grossman avatar image
Jamie Grossman answered

Hi there,

Thanks for posting.

Here is our developer guide regarding the matter; as explained, you do not need to pass the redirect uri if you have used the LWA JS sdk for authorization request. Information regarding the invalid_grant error code is also discussed.

Thanks,

Jamie

10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.