开发人员控制台
感谢您的访问。此页面目前仅提供英语版本。我们正在开发中文版本。谢谢您的理解。

Amazon Music

Login With Amazon

OAuth 2.0 Protocol

The Amazon Music Web Service API uses the OAuth 2.0 authorization framework to securely identify clients and end-users. With this open protocol, a client wishing to access a protected resource must contact an authorization server to obtain an access token. Clients can then transmit this access token when making subsequent protected resource requests.

Login With Amazon

Login with Amazon (LWA) provides the authorization server for the Amazon Music API. LWA is a separate service from the core Amazon Music Service, and so its API may have different formats, structure, and requirements from the Amazon Music API documented here.

To use LWA, your business first needs to create an account to receive a device client ID. Click here to learn how to create a Login With Amazon account.

To learn how to use Login With Amazon to request an authentication token, click here.

Music-specific guidelines

Login With Amazon offers a number of login methods for the end user. The choice of which to use will depend on the specific requirements of your device.

Calling LWA for use with Amazon Music

The LWA documentation above will guide you through the authorization process that applies to your specific application. The Amazon Music-specific component of this process is scope. When you make a device authorization request to LWA you must specify a scope. You can request more than one scope at once: simply separate scopes with spaces. Which scope(s) you need depends on the API functionality you will need access to. While the Web API makes use of a number of different scopes, the Device API only requires one scope: amazon_music:access.

The Security Profile ID(s) used by Music client applications must be enabled by the Amazon Music Service in order for authorization to be successful.

Combining with Alexa Voice (AVS / 3PDA) Support

If you are implementing support for Alexa Voice Services (AVS) for the same devices/clients, you must use the same LWA Application ID for both, as both require LWA authorization. If the customer grants both AVS and Alexa Music permissions at the same time, the client should use the same LWA clientID for both. The Login With Amazon documentation on developer.amazon.com explains how to request scopes using the Web interface or the iOS or Android SDKs and provides sample code. It might be possible to maintain separate client IDs and have the customer grant permissions separately, but this is not tested or recommended and is not expected to work in most scenarios.