
Amazon

OAuth2 operations are performed against the following OAuth2 endpoints using the "profile" scope:

  • Authorization: https://www.amazon.com/ap/oa
  • Token Retrieval: https://api.amazon.com/auth/o2/token
  • User details acquisition: https://api.amazon.com/user/profile

A client-specific "Login with Amazon" Security Profile must be created in order to access Login with Amazon services as well as user profile data.

Parameters

As well as the parameters described in Base Provider Parameters, the following must be set in the params object.

| Name | Type | Description |
|---|---|---|
| client_id | String, required | The Client ID provided by Amazon |
| client_secret | String, required | The Client Secret key provided by Amazon |

User Profile Data

Requested scope: profile.

We request the following information from Amazon about a user. The properties are automatically mapped to the Authentication Worker's UserProfile class. These properties are then mapped to actual fields in a site user's profile, following the mappings set up in the userProfileToObjectFieldMapping property of the Worker Configuration Properties.

| Amazon Property | Mapped To | Description |
|---|---|---|
| user_id | UNIQUEID | Amazon's unique user identifier |
| NAME | FORENAMES | The full name of the user |
| name | PREFERREDNAME | The user's preferred name |
| email | EMAIL | The user's email address |

See the Linking Providers, Account and Profile Management article for information about how profiles and email addresses are updated.

Configuration Example

{
    "providerName": "amazon", 
    "providerDisplayName": "Amazon", 
    "type": "amazon", 
    "userPrefix": "AM_", 
    "params": {
        "client_id": "amzn1.application-oa2-client.000000000000000", 
        "client_secret": "abcdef1234567890", 
        "checkConsentToStoreData": true, 
        "failIfConsentNotGiven": true
    }
}

Setup

Amazon's documentation can be found at https://login.amazon.com/documentation.

Log in to Amazon using the developer account that will control your "Login with Amazon". The current URL is https://developer.amazon.com/lwa/sp/overview.html.

Create a new Amazon Security Profile. In the web settings configuration, add the authentication worker's return URL (e.g. https://mywebsite.com/apiserver/auth/http/reentry) as an "allowed return URL". This URL must use https.

You'll find the Client ID and Client Secret keys in the "General" section of the security profile. Add these to the provider configuration in iCM.
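A pre-deployment check for the setup steps above, as an added example that is not part of iCM or Amazon's tooling: it confirms that the provider configuration carries both required parameters, that the placeholder credentials from the Configuration Example have been replaced, and that the return URL uses https. The function name `check_amazon_provider` and the message wording are assumptions made for this illustration.

```python
import json
from urllib.parse import urlsplit

# Placeholder credentials copied from the Configuration Example on this page.
DOC_PLACEHOLDERS = {
    "client_id": "amzn1.application-oa2-client.000000000000000",
    "client_secret": "abcdef1234567890",
}


def check_amazon_provider(config_text, return_url):
    """Hypothetical helper: return a list of problems (empty list = checks passed)."""
    try:
        config = json.loads(config_text)
    except json.JSONDecodeError as exc:
        return [f"configuration is not valid JSON: {exc.msg}"]
    if not isinstance(config, dict):
        return ["configuration must be a JSON object"]
    problems = []
    if config.get("type") != "amazon":
        problems.append('"type" must be "amazon"')
    params = config.get("params")
    if not isinstance(params, dict):
        problems.append('"params" object is missing')
        params = {}
    for name, placeholder in DOC_PLACEHOLDERS.items():
        value = params.get(name)
        if not isinstance(value, str) or not value.strip():
            problems.append(f"params.{name} is required and must be a non-empty string")
        elif value == placeholder:
            problems.append(f"params.{name} still holds the documentation placeholder")
    # The Setup section requires the allowed return URL to use https.
    url = urlsplit(return_url)
    if url.scheme != "https":
        problems.append("return URL must use https")
    if not url.hostname:
        problems.append("return URL has no host")
    return problems


if __name__ == "__main__":
    # Constructed sample: placeholder credentials and a plain-http return URL.
    sample = json.dumps({"type": "amazon", "params": dict(DOC_PLACEHOLDERS)})
    for problem in check_amazon_provider(sample, "http://mywebsite.com/apiserver/auth/http/reentry"):
        print("FAIL:", problem)
```

Running the check in a deployment pipeline catches a configuration that was copied from the documentation unchanged before it reaches a live site.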

Last modified on April 24, 2023
