...
Orbita supports account linking to any third-party system that supports the Auth Code Grant Flow of OAuth 2.0
Authentication and Authorization
...
Go to the global menu and select Providers. The Providers page appears.
Click Add (+). The Provider specification form appears.
Specify the following information:
Note: An OAuth provider’s system administrator must register the Amazon Alexa skill in the Authorization Server as a valid client. Inform the system administrator that you are setting up a “confidential Client Application" that uses the "Auth Code Grant Flow.” After the Amazon Alexa Skill is registered, some of the following information is provided by the system administrator.
Authorization URL. Defined by the OAuth provider’s system administrator, the Authorization URL is used in the first step of the flow to request authorization from the user.
Token URL. Defined by the OAuth provider’s system administrator, the client application requests an access token from the Authorization Provider using this URL.
Client ID, Client Secret. Issued by the service after your application is registered, "client credentials" are in the form of a client identifier and a client secret.
The Client ID is a publicly exposed string that is used by the service API to identify the application and is also used to build authorization URLs that are presented to users.
The Client Secret is used to authenticate the identity of the application to the service API when the application requests to access a user's account and must be kept private between the application and the API.
Callback URL. The callback URL is the URL that the skill wants you to see after a transaction with the client. For example, if you place an online order, you likely have your purchase transaction handled by another client (such as PayPal). After the client processes your purchase, the client needs to return to a URL that your skill controls, depending on the type of client application you are building. Therefore, provide a callback URL to the OAuth provider’s system administrator. Contact https://orbita.help if you need assistance.
For example. http://<baseURI>/api/auth/amazon<providers_name>/callbackScope. Defined by the OAuth provider’s system administrator, this value determines the scope of data access the user can choose from.
Persona Type. When an account is linked, a placeholder user account is created in Orbita. The user is created using the persona type specified in the pull-down menu.
Profile Options. Profile Options will fetch and store the information of the logged-in user, from the client's database. A JSON code that contains the URL, header, method, body, attributes is to be used in this field to get the data.
URL. The Endpoint to get a user’s profile information.
header. If the header is needed for the request, it must include the header as key and value pair.
method. Http verb for profile URL request.
body. Used when a body for request profile is needed.
attributes. Attributes maps the "profile attributes key" with "id", "firstName", "lastName" of the client's attributes. We have limited the mapping to "id", "firstName", and "lastName" for now.
For example, if the profile attribute "id" has to be mapped with Client's "user_id", we have to use "attributes":{"id":"user_id"}
Sample format 1 of Profile Options:Code Block { "url": "https://api.amazon.com/user/profile?access_token=__ACCESS_TOKEN__", "method": "GET", "attributes": { "id": "user_id", "firstName": "first_name", "lastName": "last_name" } }Sample format 2 of Profile Options:
Code Block { "url": "https://www.yourdomain.com/userinfo", "method": "GET", "header": { "content-type": "application/json", "Authorization": "Bearer __ACCESS_TOKEN__" }, "attributes": { "id": "user_id", "firstName": "first_name", "lastName": "last_name" } }
...