Setup Amazon login
This page explains how to add Amazon's sign-in service to your applications to allow customers to log in with their Amazon identities to Strivacity.

Objective

By integrating with Amazon's sign-in service, you allow customers to log into your application with their existing Amazon identities.

Overview

Strivacity's support for social authentication and registration allows you to easily establish a trusted relationship between your applications and various social identity providers.
Easy-to-add social login providers
Social provider add-ons in the Admin Console come with many client-side configurations out of the box to make integration as painless as possible:
  • autodiscovery URL with automatic endpoint collection
  • pre-defined scopes for the essential requests
  • pre-configured claim mappings to obtain and synchronize relevant social profile attributes
  • continuous customer data synchronization

Prerequisites

General

  • General understanding of the OIDC Authorization Code Flow grant type
  • A test application where you can apply and test the Amazon social provider
To demonstrate the integration process, the test application will be Strivacity's customer self-service management utility. The process will look mostly the same for any other application.

Amazon

  • Existing Amazon identity
  • New Amazon security profile
    • Client ID and Secret of the security profile

Strivacity

  • Up-and-running Strivacity instance
  • Redirect URI where customers are redirected after successful authentication: https://<yourStrivacityinstanceID>.strivacity.com/provider/continue
  • Test application to test the social provider
  • The application's self-service URL for reference

Configuration steps

Creating an Amazon security profile for integration

1) Access Amazon's developer console.
2) Click ‘Create a new security profile’.
You will be redirected to the ‘Security Profile Management’ page.
3) Fill in the required fields:
  • Name your new security profile
  • Add a description of the security profile
  • Provide a URL to your brand’s Privacy Policy at 'Consent Privacy Notice URL'
  • Add a logo
4) Click ‘Save’ once you’ve completed the fields.
You will land on the 'Login with Amazon Console' tab inside your developer console.

Managing app settings

5) Hover over the cogwheel icon and select 'Security Profile'.
You will land on the 'General' tab of your selected security profile.
6) Switch to the 'Web settings' tab
  • Capture the Client ID and Secret
  • Click 'Edit' and add a redirect URL at ‘Allowed Return URLs’
The redirect URL consists of your Strivacity instance ID and the following endpoint:
https://<yourStrivacityinstanceID>.strivacity.com/provider/continue
7) Save your changes
You’re all set for adding Amazon's sign-in experience to your applications.

Adding Amazon as a social login provider

1) In the Strivacity Admin Console, navigate to External Login > Social Login.
2) Click ‘Create Social Login Provider’.
Social login page without any providers added yet
3) Select ‘Amazon’ from the list of available social provider capabilities.
Easy-to-add social login providers
4) Paste the Client ID and Secret you’ve previously obtained from your Amazon security profile.
Create Amazon login provider page with client credentials added
Access to basic profile information is a required scope that’s already defined. You can allow additional access for Strivacity applications to postal codes. Find out more about the essential and voluntary scopes for Amazon’s sign-in service on this page.
5) Enable Synchronize and store profile data at each login to ensure customer data is kept up-to-date inside your application.
6) Click ‘Save’ to add the LinkedIn social provider.
Claim mappings are automatically handled for social login providers after saving.
List of mapped Amazon claims

Adding Amazon sign-in capability to your application

Follow the steps described in this guide to add a social login provider to an application.

Testing your social login provider

1) Copy the self-service URL of your application.
2) Open an incognito window or launch another browser.
3) Go to the self-service login page of your application using the application’s link.
4) Click ‘Continue with Amazon’ to sign in with your Amazon identity.
Login screen with Amazon social provider option
In case of successful setup, after authentication, you should be asked to allow permission to your basic profile information (and the postal code if defined) in your Amazon account.