Security profiles for an application contain the access credentials. The client_id is the equivalent of the user name and client_secret is the password.
Create a login with Amazon Security Profile
For your application to work with the Slate API, you must create a login with Amazon Security Profile.
- Go to Amazon Developer Registration (https://developer.amazon.com/loginwithamazon/console/site/lwa/overview.html) and sign in.
If you don’t have an Amazon developer account, create one.
Note: Developers in Japan should first create an account at amazon.co.jp. - In the Login with Amazon console, click Create a New Security Profile.
- For Security Profile Name, enter a name that will help you later identify the application’s intent (for example, “Video Report Downloader”).
- For Security Profile Description, enter a description.
The description you enter will appear in the security profile list to help you identify the security profile’s purpose. - For Consent Privacy Notice URL, enter a URL for a page that contains information about the privacy impact, authorizing the application to login as themselves.
We recommend entering a URL that links back to a page in Slate explaining the purpose of the application. - For Consent Logo Image, select an optional image that will appear on the authorization/consent page.
- Click Save.
Set redirect URL
- In your Amazon developer account, in the Login with Amazon console, find the security profile that you created, and then click the Manage icon.
- Click Web Settings.
- Click Edit.
In the Allowed Return URLs box, enter the redirect URL.
This URL is the web page where the user is redirected after authorizing/consenting the application. We recommend that you use either a secure (https:B) domain that you own and control, or https://localhost as a fallback.Note: Save the URL. You must use this same URL to retrieve an authorization code.
- Click Save.
Get credentials
These steps get your security profile credentials.
- On the Web Settings tab of the security profile, for Client Secret, click Show Secret.
- Copy the Client ID and Client Secret.
These are your application’s username and password, respectively. You will need this information later.
Notes:
- Save the application credentials (client_id and client_secret). You must use the same credentials to retrieve an authorization code.
- client_secret is sensitive and should be kept in your organization’s secrets management system.
- If you need to retrieve the client_id and client_secret information later, return to this page.