Not getting query params from redirect URI

Lakshmi_Narasimhan · December 22, 2020, 5:13pm

Facing few issues OAUTH when trying to authorize in amazon seller central

We are trying to authorize the amazon seller from our website(freshdesk) where we are loading Authorization URI from our end. In the amazon consent page we are getting the confirmation messages for authorizing amazon selling data.
Once we click on the confirm button we are again landing back to the same consent page (i.e reaching FDK and again redirecting back to amazon) where it is asking us to log in to Freshworks for Amazon Sellers .

we aren’t redirected back to the redirect URI.

We would like to share a video grab and har files for the same.
Please do have a look at this. You can find all the details regarding the Amazon Seller OAuth flow here

our oauth_config.json

{
"client_id": "amzn1.application-o...<omitted>",
"client_secret": "5f6daf3b75ed734088f...<omitted>",
"authorize_url": "https://sellercentral.amazon.com/apps/authorize/consent",
"token_url": "https://api.amazon.com/auth/o2/token",
"token_type": "account",
"options": {
"scope": "read",
"version": "beta",
"application_id":"amzn1.sellerapps.app.ccae34ad-26f5-49cb-b9e8-b3eb44a488fc"
}
}

sellercentral.amazon.com1.har (6.3 MB) sellercentral.amazon.com2.har (6.0 MB)

samuelpares · December 22, 2020, 9:06pm

Hi, @Lakshmi_Narasimhan! Welcome to the community!

Once I had a similar issue, don’t recall exactly what, but try add “redirect_url” to “options”:

{
	"client_id": "amzn1.application-o...<omitted>",
	"client_secret": "5f6daf3b75ed734088f...<omitted>",
	"authorize_url": "https://sellercentral.amazon.com/apps/authorize/consent",
	"token_url": "https://api.amazon.com/auth/o2/token",
	"token_type": "account",
	"options": {
		"scope": "read",
		"version": "beta",
		"application_id": "amzn1.sellerapps.app.ccae34ad-26f5-49cb-b9e8-b3eb44a488fc",
		"redirect_url":["https://oauth.freshdev.io/auth/callback"]
	}
}

If you are running local, the url should be: http://localhost:10001/auth/callback

Lakshmi_Narasimhan · December 23, 2020, 4:27am

Hey @samuelpares ,
Have tried the above. still facing the same issue.
We have mentioned this redirect_uri( https://oauth.freshdev.io/auth/callback) in amazon seller portal. Once we click confirm from consent page, amazon redirects us to the redirect_uri mentioned with some query params.
redirect_uri example: https://oauth.freshdev.io/auth/callback?spapi_oauth_code=<code>&state=<stateexample>&selling_partner_id=A24YGQX98M16CN
we are getting this redirect URI, but not redirecting to the installation page. instead we are again landing back to the same consent page where it is asking us to log in to Freshworks for Amazon Sellers.

Raviraj · December 24, 2020, 7:48am

Hi @Lakshmi_Narasimhan,

In Amazon Seller portal documentation, they have clearly mentioned that they have their own implementation of OAuth 2.0 which includes this new flow to login in your website before authorizing from Amazon Seller portal. We support only the standard OAuth 2.0 flow.
So, this login page has to be hosted by yourself and redirected to the Amazon Seller portal’s expected URL with expected parameter to complete this flow. The rest of the parts will work fine if they are following the standard OAuth 2.0 workflow.

Lakshmi_Narasimhan · December 24, 2020, 7:51am

Hello @Raviraj ,
We tried the OAuth flow, where we are loading Authorization URI from our end. In the amazon consent page we are getting the confirmation messages for authorizing amazon selling data.Once we click confirm from consent page, amazon redirects us to the redirect_uri mentioned with some query params.
redirect_uri example: https://oauth.freshdev.io/auth/callback?spapi_oauth_code= <code>&state=<stateexample>&selling_partner_id=A24YGQX98M16CN
Here, In query params if we have query param name as code instead of spapi_oauth_code we are successfully passing the OAuth flow and we are landing back to the installaton page. Is there a way can we get code and selling parttner id from spapi_oauth_code and selling_partner_id in fdk? Also we need to do one manual post call to token URL to get Access token and Refresh token. so how can we solve these?
please check this video grab

Raviraj · December 24, 2020, 2:34pm

@Lakshmi_Narasimhan Only code is expected in the query parameter from our platform and others will be ignored. Also, this query parameter cannot be accessed by the app. This code will be used to request the access token from the third-party.

This cannot be customized in our platform to accept any other query parameters.