So it’s been a while since my last post…2 years is kinda unacceptable really.  A lot has happened since then.  I have shifted much of my focus to IoT projects and app development.  Recently, my good friend Walt Quesada turned me on to Amazon Echo development using the Alexa Skills Kit.  Walt is putting together an amazing Pluralsight course around developing and hosting your own Alexa skill using .Net on the Azure platform (it should be out this summer).

Walt and I have been geeking out creating proof of concepts using the Alexa Skill Kit, all geared around helping companies leverage Echo to provide voice-activated, interactive experiences.  A key part of developing an Alexa skill for the enterprise is the ability to link an organization’s user-base to a given Alexa skill.   This is accomplished by implementing a token-based authentication framework based upon the OAuth2 specification.   I have to admit, I had never developed an OAuth solution before so it was a little intimidating.  However, I really wanted to take our proof of concepts to the next level, so I did what every diligent developer would do: I Googled “OAuth and .Net”.

After reading many articles on the subject, I stumbled across one from Taiseer Joudeh.  Taiseer has a series dedicated to OAuth and .Net Authentication and my solution is HEAVILY based upon his blog posts.  Many thanks to Taiseer for publishing such great content.  Armed with Taiseer’s posts and Amazon’s documentation, I dove into the deep end of the OAuth pool.

At a high-level (and at a minimum), here are the steps your Alexa skill must implement to link accounts:

1. Create an OAuth2-based authentication framework.  We did this via Azure and .Net.  The bulk of the implementation can be found in the OAuth.API project on github.  The basics of OAuth are implemented, including requiring login credentials as well as a client_id known only to both parties.  There are also mocked-up data models and a data project that essentially mimics an organization’s data endpoints (assuming one exists).  Think of the data project as a series of http/rest calls to existing client services.
2. Create a Web Project to present a user login view.   We created an AngularJS project (ngWebLogin) for this part.  I am rather new to Angular so I am sure many of you can improve and refactor this project.  This project also handles the redirection back to Amazon for the validation and linking process (its’ a mock-redirection for testing purposes, but the principals are the same when linking an Alex skill…see the Docs for more info). The key interaction with your backend is passing the original state, your access_token and token_type back to Amazon.  Note: we chose the OAuth implicit grant model vs an authorization grant code, as the former is slightly simpler to implement and still adheres to Amazon’s requirements.

I could write a really lengthy step-by-step article demonstrating the development of each project, but my notes on github outline the overall solution and how to quickly get up and running.  Please feel free to use what you can from this project for your own Alexa skill.

Shot me any questions you might have and enjoy!