Search code examples
oauthdialogflow-esactions-on-googlegoogle-account

Actions on Google Account Linking - Google accounts cannot be used as Auth endpoint urls per our Account Linking policy

I'm trying to setup account linking in dialogflow agent using this documentation, I've created my credentials from the Google cloud platform. when I'm trying to put that credentials data to Actions on Google console, it gives an error as shown in below picture.

enter image description here

I've put these Authorization URL and token URL from my credential JSON.

The error says: Google accounts cannot be used as Auth endpoint urls per our Account Linking policyLearn more

I want to know about the following:

  1. What this error means.
  2. how to solve this issue.
Solution

  • The error is exactly what it says - if you are setting up Account Linking using the Auth Code Flow, you're not allowed to use Google's servers as your authentication endpoints. You're expected to have your own OAuth server (or use one such as Auth0) to do this.

    How to resolve this depends on your exact needs and exactly what you have available to work with:

    Setting up your own OAuth server

    If you have an existing service that has accounts already, you would likely want to link the user's account in your service to their Assistant account.

    To do this, you would need to setup an OAuth server. If you are already using one as part of your existing service, you can configure it for the Assistant. If not, Google provides information about the minimal implementation requirements or you can use existing libraries.

    Using OAuth as a Service

    You can also use a service such as Auth0 to provide authentication. Depending on your needs, this is a good service that allows people to log in using a range of providers and gives you an API to access their accounts maintained on Auth0.

    Using Google Sign-In for Assistant

    Finally, if you are either using their Google Account in your own service, or you just want a way for them to log in using their Google Account, you can use the (still in preview) Google Sign-In for Assistant. This will give you an ID token as part of your fulfullment which contains the Google ID