Force user to relink his/her account
Very simple use case explaining my problem: Given my app asks for a pin for some interactions. Now the user gives me three times a wrong pin. Then, I want to reset his access and force him to re-link his account. I can do this pretty easily in my internal database, but I need a way to tell google that his currently used token is not valid anymore. Else, Google Assistant resists in sending me the now rejected token.
Update 2018-03-01: With the new built-in intents/events, I also tried sending the actions_intent_SIGN_IN event via the followupEvent attribute, but this only lead google assistant to recall my api with GOOGLE_ASSISTANT_WELCOME (with the old oauth token..) instead of restarting the sign in workflow.
Original post
I have a google assistant app with dialogflow, which forces the user to be signed in to use my app. The initial oauth workflow works and I do get the token in all api calls.
Now I want to force the user to re-run the account linking workflow under certain circumstances. To do so, I remove the oauth token from my internal database and send exactly this response to the user, which should equal to an app.askForSignIn() call if you are using the sdk: https://github.com/actions-on-google/actions-on-google-nodejs/blob/fe29016d472eeb1d080e2b575236076e9341199e/test/dialogflow-app-test.js#L1827
But this doesn't work. The assistant does not tell the user to re-run the oauth linking workflow, and does not delete it's stored oauth token. It doesn't even use it's refresh token to get a new access token!
In addition, instead of using the "speech" attribute of my response, the simulator answers with "Sorry, I didn't get any response." - although my simulator is configured to speak German.
(I also tried to leave out several probably unneeded parameters like the contextOut attribute. This results in a different request than the one stated in the official sdk sources, but does not give the desired results either.)
Dealing with same issue, I was advised to send a 401 response if you desire to remove the stored DF token. DF does not have an implicit Revoke Token intent.
- Turn off google assistant mic
- Where to find user's access token in requests from Assistant to fulfilment webhook?
- Deep link to Smart Home Action
- Homegraph in google smart home skill
- Google Action SmartHome - Publishing a release returns unknown error
- How does Action on Google Smart Home API works Asynchronously?
- My dialogflow agent is suddenly not matching an intent for any query
- WebAuthn conditional UI doesn't show up on Chrome
- Problem with google assistant and app actions in Android TV
- Issues with Google Assistant's Response to 'Turn On All Devices' When 'FAILED' Status is Sent
- Google Home oAuth page blank in Beta/Production but works fine in Alpha
- Why does Request Sync on HomeGraph API return 403 Forbidden?
- How can I delete project in actions on google console?
- Remove Actions on Google project from Google Home app Home control page
- Actions on Google - CLI (gactions) comment not found
- Local Fulfilment with multiple devices
- How to show current garage door state on Google Home?
- Are there APIs to automate google smart home action integration?
- Does the Conversational Actions sunset impact Actions that use Dialogflow agents?
- Google Action Builder Account Linking with custom authentication in Node js
- Conversational Actions Sunset 2023: Migrating from conversational actions to Smart Home Actions
- Google smart home mode traits are not displaying in ui
- Contact in Google regarding actions?
- Google Actions Builder Webhook URL Not Found
- iot-smart-home-cloud (gcp project) registered devices not appear in the flutter app and in Angular/web
- How to execute TestNetworkSpeed command for NetworkControl device trait using Google Actions?
- action console simulator is not working and I cannot release my project
- Can't enable or delete my service accounts on Google Cloud
- What equipment is supported action.devices.traits.CameraStream base on webRTC?
- Making POST requests in google actions without Inline Cloud Functions