I am developing an alexa skill that requires account linking. The Account linking succeeds first 2 times(enable skill-disable it- and again re-enable the skill). Account linking fails only when I re-enable immediately after disabling the skill. I use Code grant auth type. The data (in the query string state/code/etc) are successfully redirected back to amazon's redirect/return url value. But Amazon ends the account linking process with a message stating that the account linking process failed at this time. Could anyone has any idea? Your help is much appreciated.
0
votes
1 Answers
0
votes
Answer: Finally I figured out the issue. The authorization server runs in 2 machines (instanes). The authorization server uses concurrent dictionary to store the access tokens. The concurrent dictionary uses local memory (in proc memory). During the authentication, the Amazon connected to one of the Auth server; that Auth server stores the access code in it's memory store. When the Amazon tries to get the access code from my authorization server using the code value that was returned to the Amazom previously, the second authorization server got hit. The second auth server does not have the access token for the amazon provided code, hence it invalidates the request. The solution is to use the shared store (out of process memory like REDIS cache) to store the access codes. So that both authorization servers can serve the request by referring the same store.
