question

ethertree avatar image
ethertree asked

api_key.txt

From what I understand in the Amazon documentation the ADM key needs to be in the assets/ api_key.txt file. The problem I have is I am also integrating Amazon Login, which also uses a key from the same file, but the key for the login account and the app are different. Am I missing something? Can you specify a key file directly in the manifest or what do I do when I need both these two functions (plus a few other amazon APIs)? Tree
amazon device messaging
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Hi Ethertree, Thank you for posting. You should use same security profile for ADM and GameCircle 2.0. So api key you keep in the assets directory, can be used by both the sdk.
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ethertree avatar image
ethertree answered
I think you misunderstand the question. What I was saying is the key I have in api_key.txt is from login.amazon.com, not from the app in developers.amazon.com. So it's not associated with the app. I can use one from the app to use with ADM, which I'll be working on today, but if the login key is in the api_key.txt file I don't see how Amazon login will work in the same app as ADM. The authentication services are different (I assume). I'm basing that assumption on the fact the Amazon Login service rejects the key associated with the app, but is fine with one generated from login.aamzon.com. As a further related question, I have a debug and release key for both these services. It there a way to specify the key file used in code so I don't have to do a pre-build step of copying the debug or release key to api_key.txt Thanks
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ethertree avatar image
ethertree answered
As an addition to my question above I have now spent a few hours trying to just get the ADM registration to work, with no success. With a valid key I get an error of SERVICE_NOT_AVAILABLE. I have checked the MD5 with that of the generated apk and the debug API key generated for the security profile. That all matches. I have also confirmed that ADM is enabled for this app. I have also checked a valid key which does not match this APK (this test key matched the release signature) and that returns INVALID_SENDER. So, this makes me think my debug api_key.txt gets through at least the validation hurdle. So I'm a bit stuck. The code is so simple (just taken from the example project that I'm not sure where I am going wrong. I have also checked the app package is the same everywhere and it looks like it is in the manifest and app definition on this site, and I have even completed all the app pages but not submitted the app. Any help with what can cause the SERVICE_NOT _AVAILABLE message for my app? Surely I don't need to submit the app before testing ADM? Thanks in advance.
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ethertree avatar image
ethertree answered
I have sorted the SERVICE_NOT_AVAILABLE error. This was because the kindle I was using was not registered to an Amazon user yet. As there are probably several reasons for this error message can I suggest a more details reason is provided? Looking at this forum this message appears a few times and most likely not the same reason as for me. I will leave this question open as the initial question about api keys from login.amazon.com and developer.amazon.com has not been answered. To reiterate. A key from login.amazon.com (for login) works fine for login, but one from developer.amazon.com does not. The login key also seems to let me register for ADM, so it may be I can just use the login key. I will investigate further, but if that is so, the security profile isn't being used.
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ethertree avatar image
ethertree answered
I have confirmed you cannot use an api key from login.amazon.com to get a valid registrationId. Although with this api key in the api_key.txt file you can create a registrationId. When you try to send a message with thie value, the ADM response is 400 InvalidRegistrationId. There are two points here: 1. The login service key really shouldn't be able to generate a registrationId. 2. I can still only EITHER "Login with Amazon" OR use ADM. but not both. - becuase both services have an api key which must be in api_key.txt (as far as the documentation states). Surely there is a way around this? Tree
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Hi Tree, I understood the concern and forwarded the issue to the concerned team. I will post back after getting update from them. Thanks for detailing and bringing the issue to our notice.
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Hi Tree, We need one input from you to investigate the problem you reported. Are signing the app on your own? Which certificate your are using to sign the app? Is that debug or a custom cert made by you?
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ethertree avatar image
ethertree answered
It's a debug key, where I moved the keystore location to a version control so other developers can use it on the project. I do have a self-certificate for release, so the process I use for debug and release to generate and verify keys is the same for my Play Store app. Is it suggested that the type of certificate is the problem?
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ethertree avatar image
ethertree answered
I feel I should be a bit more explicit as I was a bit woolly earlier. - I have two certificates under my control, one for debug and one for release - The debug certificate was not generated by me, but I did copy the keystore which contains the cert into source controlled folder so any other developer who works on the project has the same key, and I have pointed my project build to this debug.keystore file. So I definitely know this is the keystore and certificate being used. - The release certificate I use was generated by me (it's from the same keystore I use for my PlayStore app signing). - I used the MD5 from these two certificates to generate all my api keys from both this site and for "Login with Amazon" Tree
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Thanks. I will post back after getting reply from the concerned team.
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.