Table of contents
How to enable Amazon login in WordPress
1. Create an Amazon App
To be able to log in via Amazon you must create an Amazon app first.
- Navigate to https://www.amazon.com/
- Log in with your Amazon credentials if you are not logged in.
- Visit https://developer.amazon.com/lwa/sp/overview.html
- If you don’t have a Security Profile yet, you’ll need to create one. You can do this by clicking on the orange “Create a New Security Profile” button on the left side.
- Fill “Security Profile Name”, “Security Profile Description” and “Consent Privacy Notice URL”.
- Once you filled all the required fields, click “Save”.
- On the right side, under “Manage”, hover over the gear icon and select “Web Settings” option.
- Click “Edit”.
- Fill “Allowed Origins” with the url of your homepage. E.g. https://yoursite.com
- Add the following URL to the “Allowed Return URLs” field https://yoursite.com/wp-login.php?loginSocial=amazon, where the yoursite.com is your domain.
- When all fields are filled, click “Save”.
- Find the necessary “Client ID” and “Client Secret” at the middle of the page, under the “Web Settings” tab.
2. App setup
Once your Amazon app is ready you’ll need to copy and paste the Client ID and Client Secret to the Amazon provider’s Settings tab. You can find the information at your Amazon app’s Settings which you can reach from the left sidebar.
Once your Client ID and Client Secret has been added you need to verify the setup first. This verification helps you identify possible problems with the app.
The Client ID of your Amazon app. You can find it at your App → left menu: Settings.
The Client Secret of your Amazon app. You can find it at your App → left menu: Settings.
Username prefix on Register
Whenever a new user registers with their Amazon account they can get a custom prefix so you can easily identify them.
Fallback username prefix on register
Whenever a new user registers with their Amazon account and we can not generate a valid username from the first name or last name, a random username will be generated. With this option they can get a custom prefix so you can easily identify them.
Terms and conditions
This option can only be seen, if Terms and conditions is set to Show in Global Settings → Privacy tab. Here you can set custom Terms and Conditions for users who register with Amazon. For more information please read our GDPR documentation.
Common error messages returned by Amazon during verification
Redirect URI has not been whitelisted
400 Bad Request
The redirect URI you provided has not been whitelisted for your application. Please add your redirect URI in the ‘Allowed Return URLs’ section under ‘Web Settings’ for your Security Profile on Amazon Developer Portal.
The problem is that the entered Allowed Return URLs field is not correct for your app. Check the 10th step of the App setup to fix the problem.
400 Bad Request
Error: invalid_client: Client authentication failed
The Client Secret you copied from the Amazon app is invalid. Make sure the correct one was copied.
An unknown scope was requested
Error: invalid_scope: An unknown scope was requested