I’m trying to implement Alexa App to App Linking via LWA fallback, but importantly I’m trying to do so where the mobile app’s authentication provider, as well Skill's account linking provider, is Login with Amazon.
I can't figure out a way to do this without needing the user to login to Amazon 3 times in a row, which is a confusing user experience.
The App Linking flow (via LWA fallback) is:
- Login with Amazon to get first Auth Code with
- Authorize Alexa App Linking to get second Auth Code with
- Use second auth code to get app linking access token
- Link account using app linking access token and passing in first auth code
Now this all works fine and I can successfully link the user’s account - but the problem is the first user auth code has now been used (they can only be used once) - so it’s invalid and I can’t use it to get the user’s access token to authenticate the mobile app.
This means that, in order to Login with Amazon and Link Alexa as part of the same signup flow on mobile, from a user’s perspective they are Logging In with Amazon 3 times in a row!
Once to authenticate the mobile app, once to get a new
profile scoped auth code for use in account linking, and once to get the access token to complete account linking.
I think you’ll agree it’s not the best user experience!
I'm wondering if anyone could suggest a way of getting around this?