Adding allowed JavaScript origins or allowed return URLs

By default, web browsers block JavaScript running on one origin from calling a script on another origin. To use an Amazon Pay or Login with Amazon button on your website, you must specify either Allowed JavaScript Origins or Allowed Return URLs to authorize interactions between your website and Amazon.

Allowed JavaScript origins

The Amazon Pay JavaScript SDK allows calls from other origins if they are specified as part of an application. Adding a domain to the Allowed JavaScript Origins field allows the SDK for JavaScript to communicate with a website directly during the login process and to present a pop-up for the buyer when they are signing in.

Note: The Amazon Pay button widget includes a pop-up parameter. To enable signing in via a pop-up, this parameter must be set to popup:true.

Setting up for the Sandbox environment

When you are testing in the Sandbox environment on localhost, you don't need an SSL certificate and can use the http protocol (http://localhost).

Setting up for the Production environment

For the Production environment, the JavaScript origin is your website URL, which is a combination of protocol, domain, and the port where your JavaScript calls originate (for example: https://www.example.com:8443). In the Production environment, allowed origins must use the HTTPS protocol. If you are using a standard port (port 443), you need only include the domain name (for example, https://www.example.com).

Allowed return URLs

An allowed return URL is an address to a website that makes HTTPS calls to the Amazon Pay authorization service. The Amazon Pay authorization service redirects users to this URL when they complete login.

Note: The Login and Pay with Amazon button widget includes a pop-up parameter. To enable a redirect, this parameter must be set to popup:false.

Setting up for the Sandbox environment

When you are testing in the Sandbox environment on localhost, you don't need an SSL certificate and can use the http protocol (http://localhost/testRedirect.html).

Setting up for the Production environment

In the Production environment, enter the redirect_uri that you want your buyers to be returned to after they have signed in. The Allowed Return URL must use the HTTPS protocol and include the protocol, domain, path, and query strings (for example, https://www.example.com/login.php).

Setting allowed JavaScript origins or allowed return URLs

  1. Log in to Seller Central and select Integration > Integration Central from the navigation bar on the top-left side.
  2. Under the Manage client ID/store ID(s) section, click View client ID/store ID(s).
  3. Choose your Amazon Pay application from the App or store name dropdown, and click Edit on the right-hand side to add or edit your URLs.
  4. Add your URLs to the Allowed JavaScript origins and Allowed return URLs sections.
  5. Click Save changes when done.
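
Before entering values in step 4, you can check them locally against the rules described above. The following is an added example, not Amazon's code: the function names and the 'sandbox' / 'production' labels are hypothetical. It assumes that http is acceptable only for localhost in Sandbox and that a redirect_uri must match a registered entry exactly.

```javascript
// Added example: function names and the 'sandbox' / 'production' labels are
// hypothetical; this is a local pre-check, not part of the Amazon Pay SDK.
function parse(value) {
  try { return new URL(value); } catch { return null; }
}

function schemeProblem(url, env) {
  if (url.protocol === 'https:') return null;
  // Plain http is described only for Sandbox testing on localhost.
  if (url.protocol === 'http:' && env === 'sandbox' && url.hostname === 'localhost') return null;
  return 'must use https (http only for localhost in Sandbox)';
}

// Allowed JavaScript Origins entry: protocol + domain + optional port, nothing else.
function checkOrigin(value, env) {
  const url = parse(value);
  if (!url) return { ok: false, reason: 'not an absolute URL' };
  const problem = schemeProblem(url, env);
  if (problem) return { ok: false, reason: problem };
  if (url.username || url.password || url.pathname !== '/' || url.search || url.hash) {
    return { ok: false, reason: 'an origin has no credentials, path, query or fragment' };
  }
  // url.origin omits the scheme's default port, so https://host:443 -> https://host
  return { ok: true, value: url.origin };
}

// Allowed Return URLs entry: full URL with protocol, domain, path and query string.
function checkReturnUrl(value, env) {
  const url = parse(value);
  if (!url) return { ok: false, reason: 'not an absolute URL' };
  const problem = schemeProblem(url, env);
  if (problem) return { ok: false, reason: problem };
  return { ok: true, value: url.href };
}

// Assumption: the redirect_uri must equal a registered entry exactly, query string included.
function isRegisteredReturnUrl(redirectUri, registered, env) {
  const sent = checkReturnUrl(redirectUri, env);
  if (!sent.ok) return false;
  return registered.some((entry) => {
    const reg = checkReturnUrl(entry, env);
    return reg.ok && reg.value === sent.value;
  });
}

// Constructed sample entries, using the page's example hosts.
for (const o of ['https://www.example.com:443', 'http://www.example.com', 'https://www.example.com/login.php']) {
  console.log(o, '->', JSON.stringify(checkOrigin(o, 'production')));
}
```

An entry that fails checkOrigin because it carries a path usually belongs in the Allowed return URLs list instead.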
