i am implementing alexa account linking starting from my website to receive notification on my alexa device, using the LWA flow as shown on the documentation https://developer.amazon.com/en-US/docs/alexa/account-linking/app-to-app-account-linking-starting-from-your-app.html#alexa-url-parameters.
But i get invalid scope error for the scope "alexa::skills:account_linking".
You should be using the client ID in the skill itself, you can find it in the permissions tab below Account Linking in your smart home skill.
It is a Login with Amazon(LWA) profile in itself.
refer to: Alexa Account Linking - "Invalid account linking credentials"
Mistakes -
1.Creating a new LWA (Login with Amazon) Profile.
You don't need a new LWA profile, you should instead use the Alexa credentials under the permissions tab on the skill page. They have the right scope (alexa::skills:account_linking) required for App-App Linking and LWA profiles cannot have this scope.
2.Using a development version of a live skill.
I had modified the account linking section in a development version to point to a test deployment. Although these changes are permitted in the developer console, account linking failed every time, so I created a new skill.
3.Reusing the Alexa Auth Code.
I had not realized that even a single bad request will invalidate the Alexa Auth Code.
4.Logging into the wrong Alexa Account.
When you get to the LWA screen during testing the account linking, only login with the developer credentials in which the skill is created. This is because at this point the skill is only available to the Alexa developer account and not anyone else. (Not even the beta testers)
Related
I am a program Manager working in Microsoft Certification program. we have transition that program from previous team and they have implemented badge sharing to linked in Page functionality From last 2 weeks the sharing functionality is not working and page is showing application is disabled when Customer is trying to share a Badge from Certification dashboard. when we debug the code and found that Client ID and Client Secret are expired and while generating it is asking the account credentials. Those credentials are no more valid and reset the existing account and regenerate the ClientID and Client Secret to work the Badge sharing functionality as is.
Please help me how to reset the account
[Customer Personal Microsoft Dashboard to display Microsoft Certification Badges - First Image
LinkedIn application showing the error after share
We are using SignIn with Google on our Flutter App that uses AWS cognito. Recently it started giving error:
"Error 403: access_denied The developer hasn’t given you access to this app. It’s currently being tested and it hasn’t been verified by Google. If you think you should have access, contact the developer"
The app was in "Testing" and seems to have reached the limit of 100 users. In order to have more than 100 users use the SignIn with Google option, we need to put the Google Authentication App to "Production". In order to do that Google is asking for domain verification of the amazoncognito.com used in "Authorized redirect URIs". Since we don't own this domain we can't verify it.
Can someone please help with how can we get the verification of the GCP "oauth consent screen" done with other domains like amazoncognito.com?
Thanks in advance.
I don't think this is currently possible.
Your best bet would be to file a feature request with Google for a supported verification progress for third-party user identity services.
I would suggest using the Google Workspace add-ons component for this type of request.
I have created a conversational action in Actions Builder that uses account linking via OAuth (not Google sign in). Functionally, everything is working well.
The only issue I noticed is that when I try to link accounts using anything except a phone in the simulator, I get a response telling me to link accounts using the Google Home app. Since my action is a conversational action and not a smart home action, my action will never be found in the Google Home app.
I have confirmed that this kind of account linking is supported with conversational actions (via docs as well as Actions on Google support). What support could not answer for me is what I can do about this, they directed me here for help.
So my question is, how is account linking handled for conversational actions on non-phone devices (e.g. smart speaker)? Does it simply not run at all, or do I have to do something to remove these Google Home prompts?
Thanks
If the Action is running on a device type that does not support a web browser then the authentication step is not going to work. If you have not signed in before, the operation will fail. Though if you have signed in already, any device will be able to retrieve your access token.
The way to do this would be to handle cases for a non-authenticated device that cannot be authenticated. This may mean providing some part of your Action that can run in these conditions. Alternately, you'll need to inform people that they'll first need to use their phone to perform account linking.
I'm trying to make a chatbot with Dialogflow for Google Home. It requires the user to input a URL. Now it will definitely be a long and complicated URL which I can't recreate and I can't have the user speak into the google home.
The idea I had was that the user would input the URL on an agent on messenger. I store this on a Firebase database and then access it with a second agent.
Now the issue I have is authentication, I was hoping to use account linking on my google action with facebook. But I can't login to Facebook with google home. Or if I can, I can't find any documentation specific to that case. Facebook doesn't provide the necessary client ID and secret(as far as I can see).
I managed amazon and Gmail account linking with Alexa and an Amazon Echo. In those cases, you would have to login to google or amazon on the Alexa app or webpage. Then this will be integrated with your Echo and the skill will become usable.
Anyone have an idea of how I can make the link happen, if not then anyone have an idea as to how I can solve the overall problem?
This question has been left unanswered on other forums, but I was hoping to either get it solved or find an alternative.
There are three approaches to solving your overall problem - getting the URL manually entered and available to your Action. Two of them tackle it the way you've suggested - involving authenticating to Facebook and tying that to the Assistant account somehow. One solves it entirely inside the Assistant.
Account linking to the Facebook account
You've tagged firebase-authentication, so I'm going to assume that you're using it to do the auth and you've enabled Facebook login through it. This means your user has a "Firebase Account", but they log into that account using Facebook.
I will assume you have a way to get the URL from messenger once they're logged in.
The trick in this case is to setup Account Linking between their Firebase account and their Assistant account. This is done by setting up an OAuth2 server that has access to the Firebase accounts and will create authorization and refresh tokens that are given to the Assistant.
In the Action, you'll send the user to the Sign In helper, which will redirect them to your login page and send back a one-time auth code to the Assistant. The assistant will then use your OAuth2 server to exchange this code for auth and refresh tokens. Periodically it will use the refresh token to get new auth tokens.
When the user returns to the conversation through the Assistant, you'll be handed an auth token and you can use this to lookup the user. Since you also know their Facebook account, you can get the URL via however you planned to do so.
There are drawbacks to this method - it is very complicated, and setting up your own OAuth2 server is not for the faint of heart. You may be able to use something like Auth0 instead of Firebase Authentication to accomplish the same thing, but then you don't have the ease of access to the Firebase database.
Account linking to both Facebook and Google
In your Firebase account, however, you don't need to limit them to just logging into Facebook. You can have them use Firebase to record both the Facebook and Google accounts that they're using. This would "link" the two accounts together in your system.
With this, you don't need to setup an OAuth2 server. Instead, you can have the Assistant use Google Sign In for authentication. If the Google Cloud Project that Firebase is using and the Assistant are using are the same project, then once the user has logged in to your project's web page with their Google account, you'll get an identity token on the Assistant which will contain their Google ID. You can use this to match up with their Firebase account and get the Facebook ID and proceed from there.
But this is still a lot of work and kinda messy, jumping between systems.
Using just the Google Assistant (and maybe a web page)
If you're willing to make some assumptions about the devices your users are using, then you may be able to do it all just using the Assistant. The Assistant doesn't just run on the Google Home and other smart speakers, it also works on most current Android and iOS devices.
So you can detect if they have such a device available and, if they do and they're not currently on it, direct them to switch to that device when you need the URL.
If they don't have such a device available (perhaps because their version of Android is older), and you think this may be a common scenario, you may need to make another entry source available. This could be one of the solutions above, or you may want to just have a simple web page (done via Firebase Hosting and Firebase Functions, perhaps) where they log in using their Google account (so you get their ID) and you let them enter the URL. If you just need a URL - going through Dialogflow may be more complexity than you need.
I have a web app and I use Facebook's Account Kit for authentication. If I delete my personal Facebook account, what happens to my Facebook developer account? Will Account Kit's API still work?
Your AccountKit setup is tied to one app that you have already set up and should be able to see in your Developer Dashboard.
It is a requirement for each app to have at least one valid Administrator. You should be able to delete your account, as long as you made sure to add someone else as an Administrator (and confirm that they accepted the request).