Alexa.Authorization Interface 3
Implement the Alexa.Authorization interface in your Alexa skill to give your skill access to the Alexa event gateway. Access to the gateway enables you to send asynchronous responses and proactive events, such as Alexa.ChangeReport, to Alexa.
For the definitions of the message properties, see Alexa Interface Message and Property Reference.
Event gateway authorization
The purpose of the Alexa.Authorization.AcceptGrant directive is to enable you to obtain credentials that identify and authenticate a customer to Alexa.
Alexa sends an AcceptGrant directive after a customer enables a smart home skill and goes through the account linking process, or when you update an existing smart home skill to support proactive events.
The AcceptGrant directive contains the following information:
-
Alexa sends you an authorization code. Exchange the authorization code for an access token and refresh token by using Login With Amazon (LWA). For details, see the Get access token with authorization code operation and LWA Authorization Code Grant.
-
Alexa sends you the access token for the customer that Alexa received during the account linking process. Store the token, and use the token to identify the customer in your system.
HTTP 403 Forbidden response from Alexa, or an error from LWA when you try to refresh the token.AcceptGrant directives for each customer, make sure that you requested permission to send Alexa events in the developer console. Use the slider on the Send Alexa Events section of the PERMISSIONS page to indicate your skill sends messages to the Alexa event gateway.Directives
The Alexa.Authorization interface defines the following directives.
AcceptGrant directive
Support the AcceptGrant directive so that you can obtain and store credentials that identify a customer to Alexa.
AcceptGrant directive example
The following example illustrates an AcceptGrant directive that Alexa sends to your skill. Because this interface is synchronous, the message doesn't contain a correlation token.
{
"directive": {
"header": {
"namespace": "Alexa.Authorization",
"name": "AcceptGrant",
"messageId": "Unique version 4 UUID",
"payloadVersion": "3"
},
"payload": {
"grant": {
"type": "OAuth2.AuthorizationCode",
"code": "someAuthCode"
},
"grantee": {
"type": "BearerToken",
"token": "someAccessToken"
}
}
}
}
AcceptGrant directive payload
The following table shows the payload details for the AcceptGrant directive.
| Property | Description | Type | Required |
|---|---|---|---|
|
|
Information that identifies a customer in Amazon Alexa systems. |
Object |
Yes |
|
|
Type of grant. |
String |
Yes |
|
|
Authorization code for the customer. |
String |
Yes |
|
|
Information that identifies a customer in the linked-account service or system. |
Object |
Yes |
|
|
Type of access token. |
String |
Yes |
|
|
The customer access token received by Alexa during the account linking process. |
String |
Yes |
AcceptGrant response
If you handle an AcceptGrant directive successfully, respond with an AcceptGrant.Response. Because this interface is synchronous only, don't include a correlation token.
The following example shows a AcceptGrant.Response. The response doesn't require a payload.
{
"event": {
"header": {
"namespace": "Alexa.Authorization",
"name": "AcceptGrant.Response",
"messageId": "Unique identifier, preferably a version 4 UUID",
"payloadVersion": "3"
},
"payload": {}
}
}
AcceptGrant error handling
If you can't handle an AcceptGrant directive successfully for one of the following reasons, respond with an Alexa.Authorization.ErrorResponse:
- You're unable to call LWA to exchange the authorization code for access and refresh tokens.
- You're unable to store the access and refresh tokens for the customer.
- Any other error that occurs while you try to retrieve and store the access and refresh tokens.
For more general errors, respond with an Alexa.ErrorResponse event.
AcceptGrant processing, the customer can't enable your skill.The following example shows an Alexa.Authorization.ErrorResponse.
{
"event": {
"header": {
"messageId": "Unique identifier, preferably a version 4 UUID",
"namespace": "Alexa.Authorization",
"name": "ErrorResponse",
"payloadVersion": "3"
},
"payload": {
"type": "ACCEPT_GRANT_FAILED",
"message": "Failed to handle the AcceptGrant directive because <your reason>"
}
}
}
Related topics
Last updated: Jul 01, 2025