I was using Amazon Alexa Smart Home Skill without problems but today I tried to add some new devices and relink the skill in my Alexa app without success.
After the login to HA from the alexa skill I am redirected to layla amazon url (because I am from Europe) but after the redirect it appears a new redirect to pitangui (which is the USA one) and then an screen of unable to link.
The flow is that one:
-
https://mydomain/auth/login_flow/e8c0a0c6xxxx7920e38(2FA) POST with status 200 OK where response contains:
{"code":"262370","client_id":"https://layla.amazon.com/"} -
https://layla.amazon.com/api/skill/link/M3OxxxxxVX5Y?code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3D&storeToken=trueGET 302 Found from 3.164.162.237:443 where response header has:
Location: https://skills-store.amazon.co.uk/api/skill/link/M3OxxxxxVX5Y?code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3D -
https://skills-store.amazon.co.uk/api/skill/link/M3OxxxxxVX5Y?code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3DGET 302 Found
from 3.253.177.35:443 where response header has:
https://layla.amazon.com/api/v1/accountLink/establish?code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3D&vendor_id=M3OxxxxxVX5Y -
https://layla.amazon.com/api/v1/accountLink/establish?code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3D&vendor_id=M3OxxxxxVX5YGET 200 OK from 3.164.162.237:443 -
https://layla.amazon.com/api/v1/accountLink/establish?code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3D&vendor_id=M3OxxxxxVX5Ywith response POST 202 Accepted from 3.164.162.237:443 where response header has:
Location: https://layla.amazon.com/api/v1/accountLink/establish?r=E&code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3D&t=C&showRedirect=1&vendor_id=M3OxxxxxVX5Y -
https://layla.amazon.com/api/v1/accountLink/establish?r=E&code=7fxxxxxxxcbf7e&state=AmaseyJ2xxxxxxxtM%3D&error=1&&showRedirect=1&vendor_id=M3OxxxxxVX5YGET 200 OK from 3.164.162.237:443 where in the querystring says: error=1 and showRedirect = 1
here I get this screenshot:
If i check the html source of that page I see that the querystring r=E from the previous url means call to pitangui endpoint and not layla one.
after press the button I get in the loop of the attached video with these 2 request all the time where appears that error in the querystring redirectedFromAMASForcedDeeplink :
-
https://pitangui.amazon.com/discover/link-account?r=E&code=7fxxxxxxxcbf7e&t=C&vendor_id=M3OxxxxxVX5Y&state=AmaseyJ2xxxxxxxtM%3D&t=C&vendor_id=M3OxxxxxVX5Y&error=redirectedFromAMASForcedDeeplinkGET 200 OK where in the querystring says: error=redirectedFromAMASForcedDeeplink -
https://layla.amazon.com/api/v1/accountLink/establish?r=E&code=7fxxxxxxxcbf7e&t=C&vendor_id=M3OxxxxxVX5Y&state=AmaseyJ2xxxxxxxtM%3D&t=C&vendor_id=M3OxxxxxVX5Y&error=1&showRedirect=1GET 200 OK where in the querystring says: error=1 and showRedirect=1 again
My lambada from AWS is placed in Ireland and my alexa developer account from Spain like my Amazon account which was also migrated some years ago.
I want to add that every 3-4 days I had logging failed attemps to my HA from AWS USA ips that I know that were related to that but I ignored because my Alexa skill was alawys working fine.
[homeassistant] 2025-03-31 08:01:44.685 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 72.21.217.139 (72.21.217.139). Requested URL: '/auth/token'. (Apache-HttpClient/UNAVAILABLE (Java/1.8.0_432))
[homeassistant] 2025-03-27 06:35:33.106 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 72.21.217.98 (72.21.217.98). Requested URL: '/auth/token'. (Apache-HttpClient/UNAVAILABLE (Java/1.8.0_432))
[homeassistant] 2025-03-23 10:56:06.647 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 54.239.98.30 (54.239.98.30). Requested URL: '/auth/token'. (Apache-HttpClient/UNAVAILABLE (Java/1.8.0_432))
[homeassistant] 2025-03-19 12:47:52.931 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 72.21.217.18 (72.21.217.18). Requested URL: '/auth/token'. (Apache-HttpClient/UNAVAILABLE (Java/1.8.0_432))
[homeassistant] 2025-03-15 11:33:52.312 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 72.21.217.143 (72.21.217.143). Requested URL: '/auth/token'. (Apache-HttpClient/UNAVAILABLE (Java/1.8.0_432))
[homeassistant] 2025-03-11 12:38:33.360 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 54.239.98.38 (54.239.98.38). Requested URL: '/auth/token'. (Apache-HttpClient/UNAVAILABLE (Java/1.8.0_432))
[homeassistant] 2025-03-07 18:31:23.417 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 72.21.217.46 (72.21.217.46). Requested URL: '/auth/token'. (Apache-HttpClient/UNAVAILABLE (Java/1.8.0_432))
