I am trying to implement LWA in an Alexa Skill (Accept Grant so to send events to the Alexa). I have already done this successfully in the past in a published skill, so I just made a new security profile on LWA console, copied the client_id and client_secret and formed the request as :
const data = {
"grant_type": grant_type,
"client_id": client_id,
"client_secret": client_secret,
"code": code,
};
let authResponse = await axios.post(url, data,
{headers: {'content-type': 'application/x-www-form-urlencoded'}}
);
I am getting the following error message : 400 Bad Request :
{
"error_description": "The request has an invalid grant parameter : code",
"error": "invalid_grant"
}
The client_id and client_secret I have added from the LWA Developer Console security settings for my domain. I can't understand why am I facing this error. 'Code' i have got from the AcceptGrant directive and grant_type is 'authorization_code'. Can anyone help me with this?
Also : In my published skill, where this works flawlessly, the client_id and client_secret mentioned in the Lambda function are different from the values mentioned in the LWA security settings for that domain, I am not sure why is this so, because I remember using the values from the LWA security settings, do these values change over time?
Amazon's docs gives essentially 2 reasons for the error code "invalid grant".
Either the authorization code is no good or the client ID sent with the authorization request is different than here in the token request.
https://developer.amazon.com/docs/login-with-amazon/authorization-code-grant.html#access-token-errors