This is my first time developing an Alexa skill. I have a question that I'm hoping that someone can help me with.
My question has to do with persistence. My company has an API that is providing all the information that the alexa skill will need, but we need to protect the clients data as much as possible. Our plan is to provide a One Time Pin(OTP) that the user will tell to the alexa skill right after they first install the skill. The alexa skill will pass that OTP to the Lambda and the Lambda will connect to our API. Then the API will generate an APIToken and return it to the Lambda. At this point, I wanted to use persistence (maybe with S3) to save the device ID and the APItoken. Thus allowing Lambda to always send the APIToken with every future request. However, I think this might cause an issue for people who use multiple alexa devices.
Here is a basic visual that has helped me keep track of what is going on.
OTP => Alexa skill => Lambda => API => API genterates APIToken => Lambda => Lambda saves it somewhere?
What are your recommendations for multi device users?