In this guide, we will show you how to set up Account Linking for your Amazon Alexa Skill, without having to deal with all the security issues and the burden of running your own OAuth 2.0 server. We will do this by using Auth0, a service for developers to authorize and authenticate users, which is a helpful tool for Alexa Account Linking.
Important: Set the default audience in your tenant settings (top right) to https://YOUR-DOMAIN.eu.auth0.com/api/v2/. Else Alexa will only get a really short opaque access token instead of a signed JWT.
Hi all,
I am not receiving a response for retrieving user data after linking account. Here is some data:
Here is our current code:
launch : async function (that) {
if (!that.$request.getAccessToken()) {
that.$alexaSkill.showAccountLinkingCard();
that.$speech.addText('Please link you Account');
that.toIntent("WelcomeIntent");
} else {
let token = that.$request.getAccessToken();
let options = {
method: 'GET',
uri: 'https://voicefirsttech.auth0.com/userinfo', // You can find your URL on Client --> Settings -->
// Advanced Settings --> Endpoints --> OAuth User Info URL
headers: {
authorization: 'Bearer ' + token,
}
};
that.$alexaSkill.progressiveResponse('Processing')
.then(() => that.$alexaSkill.progressiveResponse('Still processing'));
await rp(options).then((body) => {
let data = JSON.parse(body);
/*
To see how the user data was stored,
go to Auth -> Users -> Click on the user you authenticated earlier -> Raw JSON
*/
return that.tell("HELLO WORLD");// Output: Kaan Kilic, [email protected]
});
}
},
And the Response from Alexa
{
"version": "1.0",
"session": {
"new": true,
"sessionId": "amzn1.echo-api.session.33a28b08-055e-4a74-93a1-0288b6a4b540",
"application": {
"applicationId": "amzn1.ask.skill.d3cb6156-f160-401c-ab25-fa04fc5c3861"
},
"user": {
"userId": "amzn1.ask.account.AGV6QLLHMT7HQ5LQI4ZV5AXKCRRFCCPQ6ZC7OTGSEJXAN6E5R6KZQ4NLTE4WD4HCLPIPTTQL7RUSOP5B44U3EZQIGU4NLEOCEITS5O3PR444SJEUSJ3THX7IWPGVQENNVUHIAVV5L2DSL7AKUOXOUEGIM6MGKU4LMJPS3TZUAD4T2642ZZPNPEMREPUT44BB6O6SGK52L6OBVIQ",
"accessToken": "PrLPPpuqmT3jKaxfPbFBIf58PY-dFJW4"
}
},
"context": {
"System": {
"application": {
"applicationId": "amzn1.ask.skill.d3cb6156-f160-401c-ab25-fa04fc5c3861"
},
"user": {
"userId": "amzn1.ask.account.AGV6QLLHMT7HQ5LQI4ZV5AXKCRRFCCPQ6ZC7OTGSEJXAN6E5R6KZQ4NLTE4WD4HCLPIPTTQL7RUSOP5B44U3EZQIGU4NLEOCEITS5O3PR444SJEUSJ3THX7IWPGVQENNVUHIAVV5L2DSL7AKUOXOUEGIM6MGKU4LMJPS3TZUAD4T2642ZZPNPEMREPUT44BB6O6SGK52L6OBVIQ",
"accessToken": "PrLPPpuqmT3jKaxfPbFBIf58PY-dFJW4"
},
"device": {
"deviceId": "amzn1.ask.device.AFMRQZLSYMASEMUCNX6HOVIAEWTYEP5XGCGVIHSH4WH5AI4ZJ4UFC7WVS6B23IHKBSYD77WOPFIF6V6OWGNHQ72AWL2IW2R6O5HPK44AP5OFZPQMPFLX3WTSSA72FLGPWHLSSFSQRQ7RXHSK6OLRENQ5OLBA",
"supportedInterfaces": {
"Geolocation": {}
}
},
"apiEndpoint": "https://api.amazonalexa.com",
"apiAccessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjEifQ.eyJhdWQiOiJodHRwczovL2FwaS5hbWF6b25hbGV4YS5jb20iLCJpc3MiOiJBbGV4YVNraWxsS2l0Iiwic3ViIjoiYW16bjEuYXNrLnNraWxsLmQzY2I2MTU2LWYxNjAtNDAxYy1hYjI1LWZhMDRmYzVjMzg2MSIsImV4cCI6MTU1ODEzMjA4MiwiaWF0IjoxNTU4MTMxNzgyLCJuYmYiOjE1NTgxMzE3ODIsInByaXZhdGVDbGFpbXMiOnsiY29uc2VudFRva2VuIjpudWxsLCJkZXZpY2VJZCI6ImFtem4xLmFzay5kZXZpY2UuQUZNUlFaTFNZTUFTRU1VQ05YNkhPVklBRVdUWUVQNVhHQ0dWSUhTSDRXSDVBSTRaSjRVRkM3V1ZTNkIyM0lIS0JTWUQ3N1dPUEZJRjZWNk9XR05IUTcyQVdMMklXMlI2TzVIUEs0NEFQNU9GWlBRTVBGTFgzV1RTU0E3MkZMR1BXSExTU0ZTUVJRN1JYSFNLNk9MUkVOUTVPTEJBIiwidXNlcklkIjoiYW16bjEuYXNrLmFjY291bnQuQUdWNlFMTEhNVDdIUTVMUUk0WlY1QVhLQ1JSRkNDUFE2WkM3T1RHU0VKWEFONkU1UjZLWlE0TkxURTRXRDRIQ0xQSVBUVFFMN1JVU09QNUI0NFUzRVpRSUdVNE5MRU9DRUlUUzVPM1BSNDQ0U0pFVVNKM1RIWDdJV1BHVlFFTk5WVUhJQVZWNUwyRFNMN0FLVU9YT1VFR0lNNk1HS1U0TE1KUFMzVFpVQUQ0VDI2NDJaWlBOUEVNUkVQVVQ0NEJCNk82U0dLNTJMNk9CVklRIn19.JHJorHKvDM7N37NQYZ8OgP0KH7bNm77GH4cnbTR-U0SP7jMmrVSOGZ_wSmJEqcJRElsF-4nECFOFzYvsfF2x6BHKbiBStbjJUq2hjzM2enroJx2OM4H2Xse4yXY8KWKKWl5n7uvs4qDiYBG25SD8JC7ZG78FlEW3T18YYvQWaZgQafzoxGMNF_-vBo6VJfaZuA233jQaB7WS9p3sp68jS14fBDovrRniZQpUzZPCX9xNlxiqxorcd0hSUq7OitRotohUFaUN9cZzU6O6vNqqorMsLXjHL0T-TFAYanWKeoufgXpNwmOUmXpxOPj8bvXGA0Rm8BMqcryQF0wm3qQe2g"
}
},
"request": {
"type": "LaunchRequest",
"requestId": "amzn1.echo-api.request.6d22e7ae-fa48-43bd-94df-b7646ae2509a",
"timestamp": "2019-05-17T22:23:02Z",
"locale": "en-US",
"shouldLinkResultBeReturned": false
}
}
{
"version": "1.0",
"response": {
"shouldEndSession": true
},
"sessionAttributes": {}
}
As you can see there are no speech tags in the response.
Does it go into the else block? Could you verify that by logging the data after making the request?
Also, I would probably get rid of the progressive responses part for now until it’s working to remove another layer of complexity
Jan,
here is the response I receive:
{
sub: 'auth0|8683a81e-4975-40d9-b9ce-cc0a3edbc743',
nickname: 'voicefirsttech',
name: '[email protected]',
picture: 'https://s.gravatar.com/avatar/c18b64d675c7a176072bcf363459ac21?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fvo.png',
updated_at: '2019-05-27T14:40:16.474Z',
email: '[email protected]' }
{
However,
I would like the FULL user profile:
Can we use the JOVO CLI to add account linking?
Looks like account linking is not same as SMAPI for Alexa
Does Jovo offer these capabilities?
https://developer.amazon.com/docs/smapi/account-linking-schemas.html
Hi @jan Jan,
I have followed the same steps, i have authenticated using google in the login window. My endpoint throws jws malformed, also the token got shorted not the one given in auth0 quick start.
@jan Is there any way to make a single Jovo app handle account linking for both Google Assistant and Alexa?
Hi @jan,
I’m trying to setup the Account Linking with Google.
I have a simple code:
LAUNCH() {
if (this.$request.getAccessToken()) {
this.tell(“success”);
} else {
this.alexaSkill()
.showAccountLinkingCard()
.tell(“Go the Alexa app and set account linking”);
}
}
However, when i do jovo run to open the debugger, if use my Echo device and tell “Alexa, open [app name]” I correctly retrieve the accessToken and the request user id corresponds to my amazon user id . When I click the “LAUNCH” button from the debugger console the user id that sends the request is “userId”: “jovo-debugger-user” and the access token is not received.
How can I retrieve it if I use the console to debug and not the alexa device?
Thank you!
Hi @jan,
Can we do account linking without Auth0, I have to used idp instend of auth0 is it possible to do account linking with idp ?
Please help me.
Thanks.
Hey Guys currently my application is working in English but if test in Spanish the app not is working.
if (
!this.$request?.getAccessToken() &&
!this.$alexaSkill?.$dialog?.alexaRequest?.context?.System?.person
?.accessToken
) {
return this.$alexaSkill
?.showAccountLinkingCard()
.tell(this.t("error-linked-account"));
} else {
return this.followUpState(ROUTE_NAMES.MAIN).ask(this.t("main-select"));
}@Anne_Koep-Lehmann I’m running into this issue but I cannot figure out where to set the audience. The Alexa dev console Account Linking page does not have a field for audience or tenant. Where should I be setting this?
Update: I found the solution here
https://community.auth0.com/t/access-token-is-not-jwt-format/61945/8