Configuring Amazon Login

Amazon Login is an authentication protocol built on top of OAuth. OAuth by itself does not support authentication, so Amazon Login extends the protocol by publishing an endpoint that allows consumers to identify the user. This endpoint makes it possible to configure Amazon Login as an external authentication provider using the OAuth security provider.

The basic process is described in Configuring OAuth. The main tasks involved include:

  1. Register Vinyl as an Amazon Login application.
  2. Create an Amazon OAuth Security Provider.

It's assumed that your organization already has an Amazon Login account.

The instructions below will refer to the following properties:

  • Vinyl App URL

    Example: https://example.com/Vinyl/

    Notes: The URL from which Vinyl is hosted. Includes the trailing slash.

  • Security Provider Name

    Example: Amazon

    Notes: Each Vinyl security provider is given a logical name. This name is used in the Redirect URL.

  • Redirect URL

    Example: https://example.com/Vinyl/signin-Amazon

    Notes: Vinyl automatically provisions a redirect URL for OAuth security providers. Note that the Security Provider Name appears in the Redirect URL.

Register Vinyl as an Amazon Login application

The process for creating Amazon Login applications is documented on the following page:

http://login.amazon.com/website

Start by signing into the Amazon Login App Console.

http://login.amazon.com/manageApps

  1. Click the Sign in to the App Console button.

  2. Click the Register new application button.

  3. Provide the requested information. For example:

    • Name: Jitterbit
    • Description: No-code development platform.
    • Privacy Notice URL: http://www.zudy.com/
    • Logo Image

  4. Click the Save button.

  5. Click to expand the Web Settings section.

  6. Note the Client ID.

    Example: amzn1.application-oa2-client.1234567890abcdef0987654321

  7. Click the Show Secret button.

  8. Note the Client Secret.

    Example: abcdef09876543211234567890fedcba

  9. Under Allowed Return URLs, click the Edit button.

  10. For the Allowed Return URLs, provide the Redirect URL (see above).

    Example: https://example.com/Vinyl/signin-Amazon

  11. Click the Save button.

Create an Amazon OAuth Security Provider

To create an OAuth security provider, start by signing into Vinyl as an administrator.

  1. Navigate to the IDE.
  2. Click the Security Providers button.
  3. In the Data Source Authentication panel, click the + Data Source Authentication button.
  4. Provide the following:

    • Name: {Security Provider Name}

      Example: Amazon

    • Type: OAuth

    • Priority: An integer between 10 and 100. Note that this value must be unique.

      Example: 50

    • Enabled: Check

    • Show on Login Form: Check

  5. Click the Save button.

  6. Set the following properties. In the Properties panel, click the + Property button → Select the Parameter → Provide the Value → Click the Save icon.

    • AuthorizationEndpoint: https://www.amazon.com/ap/oa
    • TokenEndpoint: https://api.amazon.com/auth/o2/token
    • UserInfoEndpoint: https://api.amazon.com/user/profile
    • ClientId: The {Client ID} provided by Amazon
    • ClientSecret: The {Client Secret} provided by Amazon
    • Scopes: profile

  7. In the Claims panel, click the + Claim button → Provide the Identifier → Select the Usage → Click the Save icon.

    • Identifier: email
    • Usage: Name

Assuming everything has been configured correctly, you should be able to log in with your Amazon account.
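The settings above can be checked before the first sign-in attempt. The following Python is an added example, not Vinyl or Amazon code: it derives the Redirect URL from the Vinyl App URL and Security Provider Name, compares it with the Allowed Return URLs, and builds a generic OAuth 2.0 authorization-code request from the same properties. The function names, the exact-match comparison and the `state` handling are assumptions made for illustration; the client ID is the page's sample value.

```python
from urllib.parse import urlencode, urlsplit
import secrets

# Sample values from the page; the client ID is the page's example, not a real credential.
APP_URL = "https://example.com/Vinyl/"
PROVIDER_NAME = "Amazon"
PROPERTIES = {
    "AuthorizationEndpoint": "https://www.amazon.com/ap/oa",
    "TokenEndpoint": "https://api.amazon.com/auth/o2/token",
    "UserInfoEndpoint": "https://api.amazon.com/user/profile",
    "ClientId": "amzn1.application-oa2-client.1234567890abcdef0987654321",
    "Scopes": "profile",
}

def redirect_url(app_url, provider_name):
    """Redirect URL as the page describes it: app URL + 'signin-' + provider name."""
    return app_url + "signin-" + provider_name

def check_config(app_url, provider_name, props, allowed_return_urls):
    """Return a list of problems that would break or weaken the sign-in flow."""
    problems = []
    if not app_url.endswith("/"):
        problems.append("Vinyl App URL must include the trailing slash")
    expected = redirect_url(app_url, provider_name)
    if urlsplit(expected).scheme != "https":
        problems.append("Redirect URL is not HTTPS: " + expected)
    # Assumption: return URLs are compared as exact strings (case, path and slash included).
    if expected not in allowed_return_urls:
        problems.append("Redirect URL missing from Allowed Return URLs: " + expected)
    for key in ("AuthorizationEndpoint", "TokenEndpoint", "UserInfoEndpoint"):
        if urlsplit(props.get(key, "")).scheme != "https":
            problems.append(key + " must be an https:// URL")
    if "profile" not in props.get("Scopes", "").split():
        problems.append("Scopes must include 'profile'")
    return problems

def authorization_request(props, app_url, provider_name):
    """Generic RFC 6749 authorization-code request; Vinyl's own request is not shown on the page."""
    state = secrets.token_urlsafe(16)  # per-request value to tie the callback to this browser session
    query = urlencode({
        "client_id": props["ClientId"],
        "scope": props["Scopes"],
        "response_type": "code",
        "redirect_uri": redirect_url(app_url, provider_name),
        "state": state,
    })
    return props["AuthorizationEndpoint"] + "?" + query, state
```

Passing a Vinyl App URL without its trailing slash produces `https://example.com/Vinylsignin-Amazon`, which is why the check reports both the missing slash and the return-URL mismatch.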