The following are frequently asked questions about Login with Amazon.
- General Login with Amazon Questions
- Using Login with Amazon
- Setting up Login with Amazon
- About Amazon Pay
- Technical Questions & Troubleshooting
General Login with Amazon Questions
- What is Login with Amazon?
- Login with Amazon allows Amazon customers to login to registered third-party websites or mobile apps ("clients") using their Amazon user name and password. Clients may ask the customers to share some personal information from their Amazon profile, including name, email address, and zip code.
- Who uses Login with Amazon?
- Developers who integrate with Login with Amazon to reduce registration and authentication friction, and Amazon customers who use Login with Amazon to login to websites and mobile apps with their Amazon credentials instead of creating a new password.
- Why would a website or app use Login with Amazon?
- Login with Amazon is a free service that allows developers to quickly and easily integrate a login solution to their websites and mobile apps. The service makes it convenient for over 250 million Amazon customers to login to these websites and mobile apps securely, and without hassles, using their Amazon account. It also allows customers to seamlessly share profile data, such as their email address, with a client.
- After you’ve implemented Login with Amazon, your customers will have one less username and password to remember in an environment where password reuse can compromise their information on multiple sites if an attacker finds a vulnerability in just one of them.
- Why did Amazon create Login with Amazon?
- Login with Amazon helps introduce sellers and developers to other Amazon services. Amazon has a suite of services for sellers and developers to build, monetize and market their websites and mobile apps (learn more about them in our Developer Portal). Login with Amazon also addresses the customer pain of forgotten passwords by enabling them to use the credentials they use almost every day across the web.
Using Login with Amazon
- How do Amazon customers use Login with Amazon to login to a website or mobile app?
- Users will see a Login with Amazon button that starts the login process. After clicking the button, the user will be presented a secure login screen (hosted by Amazon) to enter their email and password.
- After authentication, they will then be asked to consent to share the data requested by the website or mobile app, which can include their name, email address and zip code. The consent screen will inform the user of what information was requested and what will be shared.
- If they do not consent, they will be redirected back to the website or app. If they do consent, they will be redirected back to the website or app and the client will receive a token or code to access authorized user data.
- In using the Login with Amazon SDKs for iOS and Android, you can also provide your users with a single sign-on experience, allowing them to skip the login screen if they are already authenticated to Amazon. To learn more, see Customer Experience Overview for Android/Fire apps, and Customer Experience Overview for iOS apps.
- Can I use Login with Amazon on Internet of Things (IoT) devices or apps?
- Yes, you can use Login with Amazon as an authentication gateway for any IoT device or app capable of integrating with one of our SDKs. In fact, Login with Amazon currently provides a secure and scalable authentication gateway for the Amazon Echo and Dash Buttons. On Fire TV, Login with Amazon is supported through the Silk web browser and single sign-on (SSO) is auto-enabled.
On any device which is not capable of launching a web browser, such as smart TVs and watches, you may use a authorization method known as Code-Based Linking in which your device displays an alphanumeric user code to allow the user to Login with Amazon on your device using a secondary device such as their mobile phone or laptop. To learn more, see LWA for TVs and other Devices.
- Can I use Login with Amazon on Fire TV and Fire tablet apps?
- Yes, the Login with Amazon for Android instructions can also be used to add Login with Amazon to Fire TV and Fire tablet applications. Learn more about creating apps for Amazon Fire TV and Amazon Fire Tablets at developer.amazon.com.
- How do Amazon customers see information on sites they have logged into?
- Users can visit the Manage Login with Amazon section of the Your Account page on Amazon.com to view the list of websites or mobile apps they’ve consented to share data with.
- What if an Amazon customer no longer wishes to share information with a third-party website or app via Login with Amazon?
Setting up Login with Amazon
- How do I sign up for Login with Amazon?
- Before you can use Login with Amazon on a website, you must either register a Security Profile through the Developer Console, or register an application through the App Console (one or the other).
- If you plan to implement Amazon Pay at launch, register through the App Console using these instructions provided by Amazon Pay.
- If you don’t plan to use Amazon Pay at launch, register through the Developer Console. Next, use our instructions for Websites, iOS, and, Android to finish setting up Login with Amazon.
- If you’re not sure whether you’ll use Amazon Pay now or in the future, we recommend registering through the Developer Console. You can always register through the App Console later if you decide to use Amazon Pay, and then contact our team to link the two accounts (see the next question for details).
- I have websites and/or mobile apps registered in both Seller Central (App Console) and the Developer Portal. Can I manage all my websites/apps in one place?
- You can link your App Console and Developer Portal accounts to get a consolidated view of all your Login with Amazon websites and/or mobile apps in both places. With the accounts linked, you get the flexibility of visiting either the App Console or the Developer Portal to manage all your websites and/or mobile apps.
- Through the App Console, you get the additional benefit of viewing Amazon-captured metrics (sign in success, consent denied, consent revoked, etc.) for your applications, which aren’t available in the Developer Portal.
- For example, you’ll want to link accounts if you’ve enabled Login with Amazon on an Android/Kindle application distributed through the Amazon AppStore (as these must be registered through the Developer Portal), and also on the website version of the same application registered through the App Console in Seller Central.
- In this example, the website registered through Seller Central won’t appear in the Developer Portal, and the Android/Kindle app registered in the Developer Portal won’t appear in Seller Central. In addition, because the application is registered in two different places, your customers would need to provide consent twice – once when they Login with Amazon through the website, and a second time when they Login with Amazon through the Android/Kindle app. Linking your App Console and Developer Portal accounts enables a more seamless experience for your customers, as they’ll only need to provide their consent once per application.
Although linking your accounts is not required, it is highly recommended to ensure you receive the best experience and most accurate metrics from Login with Amazon. To link your accounts, contact Login with Amazon support (firstname.lastname@example.org) and include the email address you used in both Seller Central and the Developer Portal.
- What should I do if I have multiple versions of the same app (e.g. free vs paid)?
- If you have multiple versions of the same app, open the iOS or Kindle/Android settings for the app in your Developer Console, then click the Add an API Key button at the bottom right. After you register the new settings, you can use the resulting API Key value for the other version of the app. This will prevent your users from having to consent to Login with Amazon on multiple versions of the same app. Remember to label your new settings appropriately so you can tell them apart.
- Can I use one developer account for multiple websites and mobile apps?
- Yes, Amazon's Developer Console allows you to add and manage multiple Login with Amazon application for Web, iOS and Android/Kindle. You can also register Login with Amazon applications via the App Console on login.amazon.com.
- If you’ve registered applications on both the App Console and the Developer Portal, and would like to manage them all in one place, review our the earlier FAQ ("I have websites and/or mobile apps registered in both…").
- What profile information can Amazon users share with me?
- Customers can consent to share their name, email address, and ZIP Code when using Login with Amazon. If the customer uses Login & Pay with Amazon, they can also share their shipping address.
About Amazon Pay
- What is Amazon Pay?
- Amazon Pay is a service that provides customers with the ability to send and receive payments for goods or services by using the payment methods already stored in their Amazon.com account. To make a payment, they can use a credit card, bank account, or Amazon Pay Account balance. Amazon Pay is available for websites only. Learn more.
- What is Login and Pay with Amazon?
- Login and Pay with Amazon combines Amazon Pay with Login with Amazon. It allows hundreds of millions of Amazon buyers to login and pay on your website with the information already stored in their Amazon account. It's fast, easy and trusted. It can help you add new customers, increase sales and turn browsers into buyers. Leverage the trust of Amazon to grow your business. Learn more.
- How do I add Amazon Pay to my website?
- Review the Amazon Pay documentation for step-by-step instructions.
Technical Questions & Troubleshooting
- Does Login with Amazon use the OAuth protocol?
- Yes, Login with Amazon uses the OAuth 2.0 protocol for authorizing access to customer profile data. More extensive documentation of our Oauth implementation is available in the Understanding Login with Amazon section of our Login with Amazon for Websites documentation.
- Why does the Allowed Return URL for my website need to be secure (https)?
- If you do not have HTTPS available on your site, you can use the Authorization Code Grant to query Amazon's customer profile endpoint directly from your server. This communication will be over HTTPS and will be authorized with your client identifier and client secret for authentication. There is sample code available in our Getting Started Guide for Web to show you how to use the Authorization Code Grant.
- We highly recommend that sites that will have authenticated customer sessions also have the ability to communicate over HTTPS to avoid eavesdropping attacks which may result in credentials being stolen and replayed by an attacker. All secure data, including tokens, should pass over an HTTPS connection.
- Login with Amazon today supports origin URLs to be a combination of protocol, domain name and port (for example - https://www.example.com:8443, http://localhost:8080). One common reason for encountering this error is due to using an unsupported top-level domain. Login with Amazon currently supports all original, infrastructure, and country code top-level domains. If you need to register an unsupported URL for your application, contact us for assistance.