How to link accounts to your Alexa App?
So after recently doing some development using Alexa skills, I have realized account linking isn’t so easy and can be difficult depending on what API you intend to link to. So here is a quick tutorial on how to link an account to an Alexa skill using Spotify as an example.
Step 1: Create a Spotify developer account
First you will need to create a Spotify developer account which you can sign up for here. https://developer.spotify.com/
Then you will need to create an app which will give you access to a client id and client secret which is necessary to allow account linking with an Alexa App.
Step 2: Incorporate relevant account details in Alexa Developer Console.
Once you have your app configured with the Alexa developer console. Go to the ‘build’ tab and on the left sidebar you can scroll down to find ‘account linking’. To enable account linking, turn on the “Do you allow users to create an account or link to an existing account with you?” toggle.
More information about general Alexa account linking can be found here
Alexa Account Linking: 5 Steps to Seamlessly Link Your Alexa Skill to User Systems That Require…
Editor's Note: This post was updated in January 2019. Some skills require the ability to connect the identity of an…
Step 3: Enter specific Spotify details
You should provide the Spotify authorization URI as well as the access token URI as follows. This will allow your app to grant an access token to which any user can use your Alexa skill can make requests with Spotify’s API.
You will need to provide your Spotify client ID as well as client secret which can be found from your Spotify developer dashboard.
You can provide you’re own redirect URL’s however I would advise using the ones provided by Alexa which are placed at the bottom of the Alexa account linking page. These are used to redirect the user once a valid Spotify user has enabled access for their account to be used by the Alexa app.
You can then choose the scopes to which you want to make requests to and from Spotifys API. Scopes define what resources you can gain access to. For example read and write access to users’ playlist, etc. For more information on specifically Spotifys scopes:
Authorization Scopes | Spotify for Developers
In order to use the Spotify Platform, you need to familiarise yourself with scopes. Scopes provide Spotify users using…
Finally I would add a default access token expiration time of 1800 which is 30 mins so that the application continues to regenerate a valid access token so that the app always has valid access to the APIs.
Once this is all provided Alexa does the hard work of making the authentication calls to the Spotify backend and retrieving the access token providing once a user downloads the app, they enable their account to be linked with your app.
A couple of other things to note is that, once an account is linked you gain access to the the access token in your code by doing this.
accessToken = handlerInput.requestEnvelope.context.System.user.accessToken;
Another way to find your access token is to test your app in the developer console and use the invocation command, you should be able to see your access token. I sometimes copy this access token to test out my calls to the API using Postman.
My last note worthy of mention is that if you plan on distributing your app, you should ensure you have some code which verifies each user has a valid access token and if they have not, they should link their account to the app.
This was exactly self-explanatory when I first came to develop an Alexa app which required an account to be linked therefore I thought it would be easier to create a blog post which explains this.
For any queries in relation to account linking with Alexa or working with the Spotify API, feel free to hit me up on Twitter.