When Alexa asks for a token using the Access Token URI while linking the account(so grant_type is authorization_code), the scope parameter i defined(offline_access) is not included in the request, so the authorization server does not return a refresh token, only an access token. So after the access token expired, my skill does not work anymore. I've setup an API gateway to check the request during account linking, and this is the request i see:
(fe30ec0f-7a2f-11e7-bc67-c5b92da9a058) Method request body before transformations: grant_type=authorization_code&code=XXXX&redirect_uri=https%3A%2F%2Fpitangui.amazon.com%2Fapi%2Fskill%2Flink%XXXX&client_id=XXXX&client_secret=XXXX
I have only one scope defined in the skill configuration, called "offline_access". I'm trying to authenticate agains Okta, and based on the documentation, if i specify this scope, a refresh token will be returned in the authorization_code grant_type request.
My main problem is that the skill stops working after the access token expires and i think this is the cause. I can send log ids if needed.