Account Linking Schemas

The account linking schema is a JSON representation of the OAuth 2.0 information required to connect the skill user's Amazon identity with their identity in a different system. For more details, see Requirements for Account Linking. You can also configure account linking on the Build > Account Linking section of the Alexa developer console.

To create and get account linking information, you can use the update-account-linking-info and get-account-linking-info Alexa Skills Kit (ASK) Command Line Interface (CLI) commands.

For more details about account linking, see Add Account Linking to Your Alexa Skill.

Account linking request

Field Description Type

accessTokenScheme

Type of authentication used such as HTTP_BASIC, or REQUEST_BODY_CREDENTIALS. Required only when AUTH_CODE is specified.

String

accessTokenUrl

URI for requesting authorization tokens. Required only when AUTH_CODE is specified for type.

String

clientSecret

Credential you provide that lets the Alexa service authenticate with the Access Token URI. This is combined with clientId to identify the request as coming from Alexa.

String

defaultTokenExpirationInSeconds

(Optional) Time in seconds for which the access token is valid. This value is used if the OAuth client doesn't return expires_in. If the OAuth client returns expires_in, the value provided by the OAuth client is used instead of this value. Only applicable if type is AUTH_CODE.

Integer

domains

List of additional domains that your login page fetches content from. You can specify up to 15 domains.

Array of strings

reciprocalAccessTokenUrl

(Optional) Link(s) that send the user back to your app after they acknowledge the linking request in the Alexa app or Login with Amazon using app-to-app account linking. In the developer console, you specify these on the Build > Account Linking page using the Your Redirect URLs field. This URI will be invoked with authorization codes that can be exchanged for Alexa access tokens.

String

redirectUrls

To redirect back to your app. For details, see Redirect URLs.

Array of strings

scopes

Indicates the access that you need for the user account ,such as user_id. Required for smart home skills. You can specify up to 15 scopes.

Array of strings

skipOnEnablement

Set to true to let users enable the skill without starting the account linking flow. Set to false to require the normal account linking flow when users enable the skill. For more details, see Let Users Enable Your Skill without Account Linking.

Boolean

type

Specifies the OAuth authorization grant type.
Valid values: AUTH_CODE, IMPLICIT.
NOTE: You must use AUTH_CODE with smart home skills.

String

voiceForwardAccountLinking

(Optional) Specifies whether the skill supports voice-forward account linking. To enable your skill to use voice-forward account linking, use the Update account linking information API to set the voiceForwardAccountLinking field to ENABLED.
Valid values: ENABLED or DISABLED.
Default value: DISABLED.

String

authorizationUrlsByPlatform

List of authorization platform objects that contain the URL to use as a Universal Link or App Link to open the authorization page of your app. For more details, see App-to-App Account Linking (Starting From the Alexa App).

An authorization platform object contains two properties:

  • platformType – The mobile platform your app should use for app-to-app account linking. Valid values: iOS or Android.
  • platformAuthorizationUrl – The HTTPS Universal Link or App Link to open your app.

Array of authorization platform objects

Sample account linking request

{
  "accountLinkingRequest": {
    "skipOnEnablement": "true",
    "type": "AUTH_CODE",
    "authorizationUrl": "string",
    "domains": [
      "string"
    ],
    "clientId": "string",
    "scopes": [
      "string"
    ],
    "voiceForwardAccountLinking": "string",
    "accessTokenUrl": "string",
    "reciprocalAccessTokenUrl": "string",
    "clientSecret": "string",
    "accessTokenScheme": "HTTP_BASIC",
    "defaultTokenExpirationInSeconds": 3600,
    "redirectUrls": [
      "string"
    ],
    "authorizationUrlsByPlatform": [
     {
       "platformType": "iOS",
       "platformAuthorizationUrl": "https://youriOSURL"
     },
     {
       "platformType": "Android",
       "platformAuthorizationUrl": "https://yourAndroidURL"
     }
    ]    
  }
}

Redirect URLs

In terms of account linking, there are two types of redirect URLs: Alexa redirect URLs and your redirect URLs. The difference is as follows:

  • Alexa redirect URLs – These URLs, which point to the Alexa app, have constant, predetermined values. You don't define them, which is why they aren't in the account linking request schema defined in the previous section. You can find these URLs in the developer console on the Build > Account Linking page in the Alexa Redirect URLs field. When the Alexa app makes a request to your authorization URI, it passes the Alexa redirect URLs using the redirect_uri field in the query parameters.

    Alexa sets the redirect URLs based on the following account linking types:
    • For authorization code grants, the redirect_uri format is {baseUrl}/api/skill/link/{vendorId}.
    • For implicit grants, the redirect_uri format is {baseURL}/spa/skill/account-linking-status.html?vendorId={vendorId}.

      Valid values for baseUrl:
      • For NA: https://pitangui.amazon.com
      • For EU: https://layla.amazon.com
      • For FE: https://alexa.amazon.co.jp
  • Your redirect URLs – These URLs, which point to your own app, are only for app-to-app account linking implementations. You specify these URLs in the developer console on the Build > Account Linking page using the Your Redirect URLs field or, if you are using SMAPI, the redirectUrls field of the account linking request schema defined in the previous section.
Was this page helpful?

Last updated: Nov 20, 2024