This is intended as a guide for people who wish to provide social Login with Amazon using OpenAM
[Prerequisites]
*This setup was used on OpenAM 13.0*
- Login to openam as admin and choose a realm
- In the realm dashboard select Configure Social Authentication > Configure Other Authentication
- [Login with Amazon does not provide an OpenId discovery url as of writing this]. In the configuration form, provide the openid discovery url for any known openid provider (eg: https://accounts.google.com/.well-known/openid-configuration , we’ll provide amazon’s configuration in the next few steps), and fill in the rest of the details.
- Now, from the realm dashboard, navigate to Authentication > Modules > edit the module that you just created.
- In the edit page, replace:
* Authentication Endpoint URL : https://www.amazon.com/ap/oa
* Access Token Endpoint URL : https://api.amazon.com/auth/O2/token
* User Profile Service URL : https://api.amazon.com/user/profile
* Scope : profile postal_code
* OpenID Connect validation configuration type : client_secret
- Set the account and attribute mappings as preferred.
With this OpenAM should be configured to use Amazon as an identity provider.