I am trying to get access token for amazon cloud drive. First I am requesting this url:
https://www.amazon.com/ap/oa?client_id=MYCLIENTID&scope=clouddrive%3Aread_all%20clouddrive%3Awrite&response_type=code&redirect_uri=https://mymusic.az/signin
Then I am clicking continue. After that I am redirecting this URL:
https://mymusic.az/signin?code=SOMECODE&scope=clouddrive%3Aread_all+clouddrive%3Awrite
I got SOMECODE from URL. But it is not access token? How can I get access token with SOMECODE?
It's really obvious what is happening if you read the documentation.
There are two types of authorization, Implicit Grants which return an authorization token that will expire, and Authorization Code Grants which return an authorization code that doesn't expire. You are requesting an Authorization Code and that is what you are getting back. You then make another request using the authorization code whenever you need to retrieve an access token. At the very least I suggest reading the entire section of the documentation titled "Authorization Code Grant".
After you got CODE you need to ask for token
Send POST to https://api.amazon.com/auth/o2/token with content type application/x-www-form-urlencoded
grant_type : set to 'authorization_code'.
code : Specifies the code returned after user authorization.
client_id : Specifies the identifier for the app. This is a body parameter.
client_secret : Specifies the secret identifier associated with the app.
redirect_uri : Specifies one of the return URIs that you added to your app when signing up.
It should be url encoded form, not JSON. And all parameters are required even if say redirect_uri is useless here, but it should be the same as used for code.
But in response you get JSON something like this
{
"token_type": "bearer",
"expires_in": 3600,
"refresh_token": "Atzr|IQEBLzAtAhUAibmh-1N0EVztZJofMx",
"access_token": "Atza|IQEBLjAsAhQ3yD47Jkj09BfU_qgNk4"
}
