We are currently using Keycloak as the authentication provider for our own mobile, web, and voice apps through OpenID Connect Oauth2 authorization code grant flow. This is working great!
Recently we wish to take advantage of the more seamless account linking flows (app-to-app) offered by Alex as described by the following docs:
The problem comes about where we need to issue an authorization code to Amazon’s backend services via an authenticated resource. It’s a custom call, and thus not part of any Oauth2 grant type.
Has anyone else tried to implement this flow, and has advice?
Maybe I can issue an authorization code in a way that it is returned directly back to our backend so we can forward it to Amazon? Maybe through the Admin REST API?