Client authentication failed in Postman request for Amazon Alexa Smart Home Skill LWA












1















I am referring to Amazon documentation for the purpose of Customer Authentication. Currently, I am using LWA.



Steps I followed:




  1. I enabled the Send Alexa Events Permission from the Alexa developer Console in Build > Permission page.


  2. I took the grant code from the request in the cloudwatch logs which was sent when I logged in using Alexa companion app.



Example:-



    {
"directive": {
"header": {
"messageId": "Example",
"name": "AcceptGrant",
"namespace": "Alexa.Authorization",
"payloadVersion": "3"
},
"payload": {
"grant": {
"code": "Example2",
"type": "OAuth2.AuthorizationCode"
},
"grantee": {
"token": "Example3",
"type": "BearerToken"
}
}
}
}



  1. Permission Page under build on Alexa Developer console gave me client-Id and client-secret Which I used for making the post request to https://api.amazon.com/auth/o2/token.


Example:-



 POST /auth/o2/token HTTP/l.l
Host: api.amazon.com
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
grant_type=authorization_code&code=&client_id=&client_secret=


I passed the code,client_id, and client_secret in the above example and made the post request to this URL https://api.amazon.com/auth/o2/token




  1. I tried using x-www-form-urlencoded;charset=UTF-8 and also JSON for the Content-Type.


I followed the step given in the above documentation and I am stuck on the error ( 401 Unauthorized ):



{
"error_description": "The request has an invalid grant parameter : code",
"error": "invalid_grant"
}


I tried implementing it using Python code and Postman both. Ending up with the Same above error scenario.










share|improve this question





























    1















    I am referring to Amazon documentation for the purpose of Customer Authentication. Currently, I am using LWA.



    Steps I followed:




    1. I enabled the Send Alexa Events Permission from the Alexa developer Console in Build > Permission page.


    2. I took the grant code from the request in the cloudwatch logs which was sent when I logged in using Alexa companion app.



    Example:-



        {
    "directive": {
    "header": {
    "messageId": "Example",
    "name": "AcceptGrant",
    "namespace": "Alexa.Authorization",
    "payloadVersion": "3"
    },
    "payload": {
    "grant": {
    "code": "Example2",
    "type": "OAuth2.AuthorizationCode"
    },
    "grantee": {
    "token": "Example3",
    "type": "BearerToken"
    }
    }
    }
    }



    1. Permission Page under build on Alexa Developer console gave me client-Id and client-secret Which I used for making the post request to https://api.amazon.com/auth/o2/token.


    Example:-



     POST /auth/o2/token HTTP/l.l
    Host: api.amazon.com
    Content-Type: application/x-www-form-urlencoded;charset=UTF-8
    grant_type=authorization_code&code=&client_id=&client_secret=


    I passed the code,client_id, and client_secret in the above example and made the post request to this URL https://api.amazon.com/auth/o2/token




    1. I tried using x-www-form-urlencoded;charset=UTF-8 and also JSON for the Content-Type.


    I followed the step given in the above documentation and I am stuck on the error ( 401 Unauthorized ):



    {
    "error_description": "The request has an invalid grant parameter : code",
    "error": "invalid_grant"
    }


    I tried implementing it using Python code and Postman both. Ending up with the Same above error scenario.










    share|improve this question



























      1












      1








      1








      I am referring to Amazon documentation for the purpose of Customer Authentication. Currently, I am using LWA.



      Steps I followed:




      1. I enabled the Send Alexa Events Permission from the Alexa developer Console in Build > Permission page.


      2. I took the grant code from the request in the cloudwatch logs which was sent when I logged in using Alexa companion app.



      Example:-



          {
      "directive": {
      "header": {
      "messageId": "Example",
      "name": "AcceptGrant",
      "namespace": "Alexa.Authorization",
      "payloadVersion": "3"
      },
      "payload": {
      "grant": {
      "code": "Example2",
      "type": "OAuth2.AuthorizationCode"
      },
      "grantee": {
      "token": "Example3",
      "type": "BearerToken"
      }
      }
      }
      }



      1. Permission Page under build on Alexa Developer console gave me client-Id and client-secret Which I used for making the post request to https://api.amazon.com/auth/o2/token.


      Example:-



       POST /auth/o2/token HTTP/l.l
      Host: api.amazon.com
      Content-Type: application/x-www-form-urlencoded;charset=UTF-8
      grant_type=authorization_code&code=&client_id=&client_secret=


      I passed the code,client_id, and client_secret in the above example and made the post request to this URL https://api.amazon.com/auth/o2/token




      1. I tried using x-www-form-urlencoded;charset=UTF-8 and also JSON for the Content-Type.


      I followed the step given in the above documentation and I am stuck on the error ( 401 Unauthorized ):



      {
      "error_description": "The request has an invalid grant parameter : code",
      "error": "invalid_grant"
      }


      I tried implementing it using Python code and Postman both. Ending up with the Same above error scenario.










      share|improve this question
















      I am referring to Amazon documentation for the purpose of Customer Authentication. Currently, I am using LWA.



      Steps I followed:




      1. I enabled the Send Alexa Events Permission from the Alexa developer Console in Build > Permission page.


      2. I took the grant code from the request in the cloudwatch logs which was sent when I logged in using Alexa companion app.



      Example:-



          {
      "directive": {
      "header": {
      "messageId": "Example",
      "name": "AcceptGrant",
      "namespace": "Alexa.Authorization",
      "payloadVersion": "3"
      },
      "payload": {
      "grant": {
      "code": "Example2",
      "type": "OAuth2.AuthorizationCode"
      },
      "grantee": {
      "token": "Example3",
      "type": "BearerToken"
      }
      }
      }
      }



      1. Permission Page under build on Alexa Developer console gave me client-Id and client-secret Which I used for making the post request to https://api.amazon.com/auth/o2/token.


      Example:-



       POST /auth/o2/token HTTP/l.l
      Host: api.amazon.com
      Content-Type: application/x-www-form-urlencoded;charset=UTF-8
      grant_type=authorization_code&code=&client_id=&client_secret=


      I passed the code,client_id, and client_secret in the above example and made the post request to this URL https://api.amazon.com/auth/o2/token




      1. I tried using x-www-form-urlencoded;charset=UTF-8 and also JSON for the Content-Type.


      I followed the step given in the above documentation and I am stuck on the error ( 401 Unauthorized ):



      {
      "error_description": "The request has an invalid grant parameter : code",
      "error": "invalid_grant"
      }


      I tried implementing it using Python code and Postman both. Ending up with the Same above error scenario.







      amazon-web-services oauth postman alexa






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 21 '18 at 14:40







      Sharvin Shah

















      asked Nov 21 '18 at 10:24









      Sharvin ShahSharvin Shah

      7416




      7416
























          1 Answer
          1






          active

          oldest

          votes


















          0














          Here is a sample code to help you and others who are looking to send events to alexa gateway.



          const AWS = require('aws-sdk');
          AWS.config.update({region: 'eu-west-1'});

          // Create the DynamoDB service object
          const ddb = new AWS.DynamoDB({ apiVersion: 'latest' });
          const doc = new AWS.DynamoDB.DocumentClient({
          convertEmptyValues: true,
          service: ddb
          });

          // Using 'request' for http POST and GET request.
          // https://www.npmjs.com/package/requests
          // npm install --save requests
          const r = require('request');

          //Handle Authorization. Call this method from your lambda handler whenever you get Alexa.Authorization message. You will get this message only when you select permission to
          //send events in your Smart Home Skill.
          //Access to Event gateway allows you to enable Proactive Device Discovery and
          //Proactive State Reporting in your skill
          //More information on Alexa.Authorization can be found on https://developer.amazon.com/docs/device-apis/alexa-authorization.html
          function handleAuthorization(request, context, user) {

          //Even when you are using your own authentication, the url below will still
          //point to amazon OAuth token url. The token you obtain here has to be stored
          //separately for this user. Whenever sending an event to alexa event gateway you will
          //require this token.
          //URL below is for EU server. Look at following documentation link to identify correct url
          //for your system.
          //https://developer.amazon.com/docs/smarthome/send-events-to-the-alexa-event-gateway.html
          var url = "https://api.amazon.com/auth/o2/token";
          var body = {
          grant_type : 'authorization_code',
          code : request.directive.payload.grant.code,
          client_id : 'your client id from permissions page on developer portal where you enable alexa events. This is id different than one you specify in account linking settings',
          client_secret : 'client secret from permissions page'
          }

          //https://developer.amazon.com/docs/smarthome/authenticate-a-customer-permissions.html
          r.post({
          url: url,
          form : body
          }, function(error, response, b){
          if (error) { return console.log(error); }
          var body = JSON.parse(b);
          var params = {
          TableName: 'Devices',
          Item: {
          'id' : user,
          'auth_token' : body.access_token,
          'refresh_token' : body.refresh_token
          }
          }
          log("DEBUG:", "Authorization Body", JSON.stringify(body));
          log("DEBUG:", "Authorization Response", JSON.stringify(response));
          log("DEBUG:", "Database Params", JSON.stringify(params));

          // Call DynamoDB to add the item to the table
          var putObjectPromise = doc.put(params).promise();
          //Store auth_token and refresh_token in database. We will need these
          //while sending events to event gateway.
          //Send a success response.
          putObjectPromise.then(function(data) {
          var response = {
          event: {
          header: {
          messageId: request.directive.header.messageId,
          namespace: "Alexa.Authorization",
          name: "AcceptGrant.Response",
          payloadVersion: "3"
          },
          "payload": {
          }
          }
          };

          context.succeed(response);
          }).catch(function(err) {
          //TODO - Add a Authorization error response JSON here.
          console.log(err);
          });
          });
          }





          share|improve this answer

























            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53409972%2fclient-authentication-failed-in-postman-request-for-amazon-alexa-smart-home-skil%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            Here is a sample code to help you and others who are looking to send events to alexa gateway.



            const AWS = require('aws-sdk');
            AWS.config.update({region: 'eu-west-1'});

            // Create the DynamoDB service object
            const ddb = new AWS.DynamoDB({ apiVersion: 'latest' });
            const doc = new AWS.DynamoDB.DocumentClient({
            convertEmptyValues: true,
            service: ddb
            });

            // Using 'request' for http POST and GET request.
            // https://www.npmjs.com/package/requests
            // npm install --save requests
            const r = require('request');

            //Handle Authorization. Call this method from your lambda handler whenever you get Alexa.Authorization message. You will get this message only when you select permission to
            //send events in your Smart Home Skill.
            //Access to Event gateway allows you to enable Proactive Device Discovery and
            //Proactive State Reporting in your skill
            //More information on Alexa.Authorization can be found on https://developer.amazon.com/docs/device-apis/alexa-authorization.html
            function handleAuthorization(request, context, user) {

            //Even when you are using your own authentication, the url below will still
            //point to amazon OAuth token url. The token you obtain here has to be stored
            //separately for this user. Whenever sending an event to alexa event gateway you will
            //require this token.
            //URL below is for EU server. Look at following documentation link to identify correct url
            //for your system.
            //https://developer.amazon.com/docs/smarthome/send-events-to-the-alexa-event-gateway.html
            var url = "https://api.amazon.com/auth/o2/token";
            var body = {
            grant_type : 'authorization_code',
            code : request.directive.payload.grant.code,
            client_id : 'your client id from permissions page on developer portal where you enable alexa events. This is id different than one you specify in account linking settings',
            client_secret : 'client secret from permissions page'
            }

            //https://developer.amazon.com/docs/smarthome/authenticate-a-customer-permissions.html
            r.post({
            url: url,
            form : body
            }, function(error, response, b){
            if (error) { return console.log(error); }
            var body = JSON.parse(b);
            var params = {
            TableName: 'Devices',
            Item: {
            'id' : user,
            'auth_token' : body.access_token,
            'refresh_token' : body.refresh_token
            }
            }
            log("DEBUG:", "Authorization Body", JSON.stringify(body));
            log("DEBUG:", "Authorization Response", JSON.stringify(response));
            log("DEBUG:", "Database Params", JSON.stringify(params));

            // Call DynamoDB to add the item to the table
            var putObjectPromise = doc.put(params).promise();
            //Store auth_token and refresh_token in database. We will need these
            //while sending events to event gateway.
            //Send a success response.
            putObjectPromise.then(function(data) {
            var response = {
            event: {
            header: {
            messageId: request.directive.header.messageId,
            namespace: "Alexa.Authorization",
            name: "AcceptGrant.Response",
            payloadVersion: "3"
            },
            "payload": {
            }
            }
            };

            context.succeed(response);
            }).catch(function(err) {
            //TODO - Add a Authorization error response JSON here.
            console.log(err);
            });
            });
            }





            share|improve this answer






























              0














              Here is a sample code to help you and others who are looking to send events to alexa gateway.



              const AWS = require('aws-sdk');
              AWS.config.update({region: 'eu-west-1'});

              // Create the DynamoDB service object
              const ddb = new AWS.DynamoDB({ apiVersion: 'latest' });
              const doc = new AWS.DynamoDB.DocumentClient({
              convertEmptyValues: true,
              service: ddb
              });

              // Using 'request' for http POST and GET request.
              // https://www.npmjs.com/package/requests
              // npm install --save requests
              const r = require('request');

              //Handle Authorization. Call this method from your lambda handler whenever you get Alexa.Authorization message. You will get this message only when you select permission to
              //send events in your Smart Home Skill.
              //Access to Event gateway allows you to enable Proactive Device Discovery and
              //Proactive State Reporting in your skill
              //More information on Alexa.Authorization can be found on https://developer.amazon.com/docs/device-apis/alexa-authorization.html
              function handleAuthorization(request, context, user) {

              //Even when you are using your own authentication, the url below will still
              //point to amazon OAuth token url. The token you obtain here has to be stored
              //separately for this user. Whenever sending an event to alexa event gateway you will
              //require this token.
              //URL below is for EU server. Look at following documentation link to identify correct url
              //for your system.
              //https://developer.amazon.com/docs/smarthome/send-events-to-the-alexa-event-gateway.html
              var url = "https://api.amazon.com/auth/o2/token";
              var body = {
              grant_type : 'authorization_code',
              code : request.directive.payload.grant.code,
              client_id : 'your client id from permissions page on developer portal where you enable alexa events. This is id different than one you specify in account linking settings',
              client_secret : 'client secret from permissions page'
              }

              //https://developer.amazon.com/docs/smarthome/authenticate-a-customer-permissions.html
              r.post({
              url: url,
              form : body
              }, function(error, response, b){
              if (error) { return console.log(error); }
              var body = JSON.parse(b);
              var params = {
              TableName: 'Devices',
              Item: {
              'id' : user,
              'auth_token' : body.access_token,
              'refresh_token' : body.refresh_token
              }
              }
              log("DEBUG:", "Authorization Body", JSON.stringify(body));
              log("DEBUG:", "Authorization Response", JSON.stringify(response));
              log("DEBUG:", "Database Params", JSON.stringify(params));

              // Call DynamoDB to add the item to the table
              var putObjectPromise = doc.put(params).promise();
              //Store auth_token and refresh_token in database. We will need these
              //while sending events to event gateway.
              //Send a success response.
              putObjectPromise.then(function(data) {
              var response = {
              event: {
              header: {
              messageId: request.directive.header.messageId,
              namespace: "Alexa.Authorization",
              name: "AcceptGrant.Response",
              payloadVersion: "3"
              },
              "payload": {
              }
              }
              };

              context.succeed(response);
              }).catch(function(err) {
              //TODO - Add a Authorization error response JSON here.
              console.log(err);
              });
              });
              }





              share|improve this answer




























                0












                0








                0







                Here is a sample code to help you and others who are looking to send events to alexa gateway.



                const AWS = require('aws-sdk');
                AWS.config.update({region: 'eu-west-1'});

                // Create the DynamoDB service object
                const ddb = new AWS.DynamoDB({ apiVersion: 'latest' });
                const doc = new AWS.DynamoDB.DocumentClient({
                convertEmptyValues: true,
                service: ddb
                });

                // Using 'request' for http POST and GET request.
                // https://www.npmjs.com/package/requests
                // npm install --save requests
                const r = require('request');

                //Handle Authorization. Call this method from your lambda handler whenever you get Alexa.Authorization message. You will get this message only when you select permission to
                //send events in your Smart Home Skill.
                //Access to Event gateway allows you to enable Proactive Device Discovery and
                //Proactive State Reporting in your skill
                //More information on Alexa.Authorization can be found on https://developer.amazon.com/docs/device-apis/alexa-authorization.html
                function handleAuthorization(request, context, user) {

                //Even when you are using your own authentication, the url below will still
                //point to amazon OAuth token url. The token you obtain here has to be stored
                //separately for this user. Whenever sending an event to alexa event gateway you will
                //require this token.
                //URL below is for EU server. Look at following documentation link to identify correct url
                //for your system.
                //https://developer.amazon.com/docs/smarthome/send-events-to-the-alexa-event-gateway.html
                var url = "https://api.amazon.com/auth/o2/token";
                var body = {
                grant_type : 'authorization_code',
                code : request.directive.payload.grant.code,
                client_id : 'your client id from permissions page on developer portal where you enable alexa events. This is id different than one you specify in account linking settings',
                client_secret : 'client secret from permissions page'
                }

                //https://developer.amazon.com/docs/smarthome/authenticate-a-customer-permissions.html
                r.post({
                url: url,
                form : body
                }, function(error, response, b){
                if (error) { return console.log(error); }
                var body = JSON.parse(b);
                var params = {
                TableName: 'Devices',
                Item: {
                'id' : user,
                'auth_token' : body.access_token,
                'refresh_token' : body.refresh_token
                }
                }
                log("DEBUG:", "Authorization Body", JSON.stringify(body));
                log("DEBUG:", "Authorization Response", JSON.stringify(response));
                log("DEBUG:", "Database Params", JSON.stringify(params));

                // Call DynamoDB to add the item to the table
                var putObjectPromise = doc.put(params).promise();
                //Store auth_token and refresh_token in database. We will need these
                //while sending events to event gateway.
                //Send a success response.
                putObjectPromise.then(function(data) {
                var response = {
                event: {
                header: {
                messageId: request.directive.header.messageId,
                namespace: "Alexa.Authorization",
                name: "AcceptGrant.Response",
                payloadVersion: "3"
                },
                "payload": {
                }
                }
                };

                context.succeed(response);
                }).catch(function(err) {
                //TODO - Add a Authorization error response JSON here.
                console.log(err);
                });
                });
                }





                share|improve this answer















                Here is a sample code to help you and others who are looking to send events to alexa gateway.



                const AWS = require('aws-sdk');
                AWS.config.update({region: 'eu-west-1'});

                // Create the DynamoDB service object
                const ddb = new AWS.DynamoDB({ apiVersion: 'latest' });
                const doc = new AWS.DynamoDB.DocumentClient({
                convertEmptyValues: true,
                service: ddb
                });

                // Using 'request' for http POST and GET request.
                // https://www.npmjs.com/package/requests
                // npm install --save requests
                const r = require('request');

                //Handle Authorization. Call this method from your lambda handler whenever you get Alexa.Authorization message. You will get this message only when you select permission to
                //send events in your Smart Home Skill.
                //Access to Event gateway allows you to enable Proactive Device Discovery and
                //Proactive State Reporting in your skill
                //More information on Alexa.Authorization can be found on https://developer.amazon.com/docs/device-apis/alexa-authorization.html
                function handleAuthorization(request, context, user) {

                //Even when you are using your own authentication, the url below will still
                //point to amazon OAuth token url. The token you obtain here has to be stored
                //separately for this user. Whenever sending an event to alexa event gateway you will
                //require this token.
                //URL below is for EU server. Look at following documentation link to identify correct url
                //for your system.
                //https://developer.amazon.com/docs/smarthome/send-events-to-the-alexa-event-gateway.html
                var url = "https://api.amazon.com/auth/o2/token";
                var body = {
                grant_type : 'authorization_code',
                code : request.directive.payload.grant.code,
                client_id : 'your client id from permissions page on developer portal where you enable alexa events. This is id different than one you specify in account linking settings',
                client_secret : 'client secret from permissions page'
                }

                //https://developer.amazon.com/docs/smarthome/authenticate-a-customer-permissions.html
                r.post({
                url: url,
                form : body
                }, function(error, response, b){
                if (error) { return console.log(error); }
                var body = JSON.parse(b);
                var params = {
                TableName: 'Devices',
                Item: {
                'id' : user,
                'auth_token' : body.access_token,
                'refresh_token' : body.refresh_token
                }
                }
                log("DEBUG:", "Authorization Body", JSON.stringify(body));
                log("DEBUG:", "Authorization Response", JSON.stringify(response));
                log("DEBUG:", "Database Params", JSON.stringify(params));

                // Call DynamoDB to add the item to the table
                var putObjectPromise = doc.put(params).promise();
                //Store auth_token and refresh_token in database. We will need these
                //while sending events to event gateway.
                //Send a success response.
                putObjectPromise.then(function(data) {
                var response = {
                event: {
                header: {
                messageId: request.directive.header.messageId,
                namespace: "Alexa.Authorization",
                name: "AcceptGrant.Response",
                payloadVersion: "3"
                },
                "payload": {
                }
                }
                };

                context.succeed(response);
                }).catch(function(err) {
                //TODO - Add a Authorization error response JSON here.
                console.log(err);
                });
                });
                }






                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Jan 3 at 10:59

























                answered Nov 22 '18 at 9:14









                chejaraschejaras

                647310




                647310






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53409972%2fclient-authentication-failed-in-postman-request-for-amazon-alexa-smart-home-skil%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

                    Alcedinidae

                    Origin of the phrase “under your belt”?