Page created: 24 Jul 2019 |
Page updated: 18 Jul 2022
To configure PingOne as an identity provider for Amazon Alexa Skills, perform the following steps.
Build a new PingOne
- Log in to your PingOne Administration console.
- Go to .
- Click + Application.
- Click Advanced Configuration and then click Configure OIDC.
- Enter your application name. Click Next.
Enter a dummy URL in the Redirect URLs field. Click
Save and Continue.
Note: You will update the URL after you have configured Amazon Alexa.
- On the Grant Access page, click Save and Continue.
- On the Applications page, click the expand icon on your new application and then click the pencil icon to edit.
On the Configuration tab, click Generate
New Secret and then configure your application using the
following table as a guide.
Parameter Value Response Type Code and Token Grant Type Authorization Code, Implicit, Client Credentials, and Refresh Token Redirect URLs https://www.example.com Token Endpoint Authentication Method Client Secret BasicNote: Copy your Client ID, Client Secret, Authorization URL, and Token Endpoint as they are required for Alexa skills configurations later.
On the Access tab, click the plus icon for the
p1:read:userscopes to add them to the Scopes Grant list. Click Save.Note: You can add more scope grants, but only the previous two are required.
- Return to the Application page and click the toggle to enable your application.
- Build a new Amazon Alexa skill.
Link your PingOne application
to your Alexa skill.
- In your Alexa Developer Console, select your Alexa skill and click Account Linking on the sidebar.
Enter the information for your PingOne application using the following table as a guide.
Parameter Value Do you allow users to create an account or link to an existing account with you? Enabled Allow users to enable skill without account linking Disabled Authorization grant type Auth Code Grant Authorization URI Your PingOne Authorization URI Access Token URI Your PingOne Token Endpoint Client ID Your PingOne Client ID from step 9 Client Secret Your PingOne Client Secret from step 9 Client Authentication Scheme HTTP Basic Scope email, p1:read:user, and p1:read:environment Domain List auth.pingone.com and api.pingone.com Default Access Token Expiration Time 30Note: Copy the URLs from the Redirect URLs field as they are required in the next step.
Enter the redirect URLs from your Alexa skill into PingOne.
- Log into your PingOne Administration Console.
- Go to .
- To edit your application, click the expand icon and then click the pencil icon.
- Click the Configuration tab and then paste the redirect URLs into the Redirect URLs field. Click Save.
To beta test your Alexa skills, register your Alexa Account as a beta tester.
- In your Alexa Developer Console, go to Beta Test section. and expand the
- Add your email address to Beta Test Administrator Email Address and click Add.
Test account linking on the Amazon Alexa site.
Once successfully linked, a confirmation screen will appear.
- Log in to Amazon Alexa.
- Locate your skill and then click Link Account.
- You will be redirected to PingOne. Provide your credentials.