I'm looking for a way to store data for a Google Assistant action for all devices/users in a household, without requiring voice matching to identify a user.
I know you can store data in user.storage, but I don't necessarily want to require voice matching to link to a user, and if I use user.storage the data will only be associated with one user. I just want anyone on any of the devices (Google Home) in the household to be able to use the data persisted in the action.
One approach could be to obtain the device ID (if possible) when setting up the action and store the data by device ID. Then link all other devices in the household by device ID through the list of devices associated with the original user's account (if that's possible). Any other options?
This is currently not possible, there's no way to save data and have everyone in the household access it. I'm sure you've already seen the documentation on Save Data in a Conversation.
On shared devices like Smart Displays and Speakers, personal results are turned off by default. They can be enabled again following these instructions:
Open Assistant settings on your Android phone
Select device in "Assistant devices"
Turn Personal results on.
But this means other household members can see personal results, e.g. Calendar entries.
To determine if you will be able to use userStorage, you can use the recently launched GUEST/VERIFIED flag, see documentation here.
User storage is designed to work at a user-only level. If you don't have something like voice match setup, user storage will not persist. The best approach to having family or multi-person data sharing would be to use something like Google Sign-In to get their email, and then have a companion service like a website where users can share access with other emails. Then your service can pull from a common data source.
Related
I created an app on google home, and I want the app to work only if its MY voice who that asks to do the skills on my google home
How can i do that? Is this possible? I configured my google home at beginning for it recognize my voice, now how to make it mandatory for this app?
I'm trying to make my app secure because it's make banking operations by voice.
Each user request is sent to your application with a unique anonymous UserID. You will need to determine the UserID that belongs to your account (by looking at logs for your application to see which value is yours) and reject requests from other UserIDs.
Even better would be to setup a more proper Account Linking system.
Keep in mind, however, that the voice authentication system isn't perfect and there is a slight, but possible, way for others to duplicate the request - either by using a recording of your voice or by having a similar voice. Consider all the risks when designing such applications.
I am building an app that requires Device( Google Home/ Phone ) location. Do we need to request for permissions each time?
Unfortunately, yes. See Google Assistant location permissions not stored between requests
Where possible (ie - for the name) you should cache this against the UserId.
Clearly this isn't reasonable for location. I usually suggest coming up with a set of phrases to use to ask for location instead of just one to at least mitigate how frustrating it can be for the user.
Unlike mobile phone app permissions systems, there is no memory of if a user has previously granted your app a permission. So one option is to ask every time. A better option is to store the result in your backend for future use. However, you should avoid storing sensitive data (such as precise location) due to user privacy issues.
If, for example, you are wanting to store nearby train stations, you could ask for their location via the permission, query for nearby train stations using that location and then store the nearby train stations against their userId.
I am doing research on an Eddystone project where the user would receive personal (and therefore to some extent confidential) information based on an Eddystone URL on their phones. There is no app involved, so the user would be directed to a webpage (based on the eddystone URL) which will display the info.
I am wondering regarding the security implications of this: Without an app, I guess the EID cannot be used - is this right (or is the EID accessible in the notification and can be passed to the destination website as a parameter)? Therefore, I suppose anyone with the name of the url could then access this information which would become a problem as you could scrap the data for every user using the service with a simple script that reads this website every now and then.
There may be a way around it if the url in the beacon can be changed on the fly to something like www.abc.com/some-random-number. That would work but it would mean that the beacon url must be updated frequently.
Does anyone know of any beacons that come with an API that would allow me to do this from a Windows machine (I know manufacturers have apps that can change beacon data but that is not an option because this should run without user intervention)? E.g. I was thinking of a USB beacon that can be accessed from a little piece of software on windows which changes the url.
Or does anyone have a better idea on how to deal with this?
Thanks,
Chris
If you are going to show the website visitors some personal and confidential information, I do think the only way to go about is to have some sort of login on the website. The ability to change randomly the URL address that the beacon broadcasts would not be helpful, as you need a way to connect the random website address to the individual accessing it. The EID is a way to distinguish which apps can receive specific beacon information - it does not check which individual is using the application. (And you can only utilize it with applications, at least for now).
I just got starte with programming a Facebook app. I already wrote an app for the VZ-Network, and there they have something called 'Persistant Storage'. Basically its an environment where you can save custom data on each user account. With your app you can read this data from the current user as well as from the users friends. Now I want to port my app to Facebook and my problem is that I didn't find such functionality here yet.
For now I would like to finish and launch this as soon as possible, so it would be nice if I could c&p as much of the code as possible.
Since the data is contains information about participation, at some point I would like to use the Facebook event object. But I was wondering if that could cause problems since it would require to create those events publically in order to use them in my app. Couldn't that lead to legal problems when I create such events with those who actually host the events in the real world? Would I have to ask the hosts to create those events, could I automate this process, or in case they don't have a Facebook account ask them to approve that the app creates the event for them?
I also need to know in what events the users friends participate, so I can't simply save the information on my server, since I don't have the friend info there.
In any case, it seems much easier to me to simply use a list of EventIDs on each user account to check whether or not the user participates in an event.
I am building app that will serve some content to the users via my private server. At the server-side I would like to identify user, so that I don't serve same content twice to the same user. How can I identify user(s)?
One way is DeviceID, but user can have multiple devices...?
Is the only way to have my own user IDs for my application (registration). I don't like this as it adds extra complexity to the app.
I know it's a hard task, but maybe facial recognition (from the webcam) could help in logging in users, since it doesn't imply any relation between user and device.
For example, face.com offers a free web-based API for facial recognition.
Although, Ishu's answer (username/password) is the easiest and most standard way to do identify users.
Make an id for user's and also a login page in the app. save his id with in you content table for send that content for that user. if that content entry already having his id then don't send to him otherwise send to him.
I don't think there is another option. You must use user id nothing else.