Get ID Token (JWT format) after Account Linking



I’m trying to get the Auth0 ID Token (JWT format) that seems to be used behind the scenes in the account linking flow. It seems like it’s only possible to get the access token from the request: this.$request.getAccessToken().

When using the option to use pure Google Sign In, you can access the raw JWT token like this:
this.$request.originalDetectIntentRequest.payload.user.idToken. Is there a similar workaround for when using account linking?

However the bigger question is how to set up account linking for voice apps in this scenario (Old fashioned email + password login systems):

  • The API service doesn’t have a “Endpoint for your sign-in web page that supports OAuth2 code or implicit flows”, ie: Which means you can’t enter the required params in the AoG account linking page.
  • Instead the service supports login, where you can post an email + password OR an ID ( Token (JWT format) from an identity provider such as Google / Facebook.
  • You get returned a access_token which is then used in an OAuth 1 styled authorization header to access the api in future requests

What is the best course of action when you are working with an backend service the doesn’t have an /authorize endpoint to support OAuth2 flow and you would like to link existing user accounts on Google / Alexa?

Some brainstorming

  1. Using a Auth0 DB connection. Has anyone had any success with this?
  2. Use the Auth0 social logins to get the JWT Id token and post that to the login endpoint of the older service, which will provide it’s own access token.
  3. Is there some other way to use Auth0 to compliment a login system to be used just for voice integrations, or do you have to change the web apps / mobile app to all use Auth0 to handle generating the access tokens.

From what i’ve tried it seems unless you have a /authorize endpoint that supports OAuth2 code or implicit flows you’re out of luck.

Thank you for your help :grin: