Search code examples
node.jsnode-modulesactions-on-googleaccount-linkinggoogle-voice-actions

Google Action Builder Account Linking with custom authentication in Node js

I'm creating Google Actions Builderaction console and I'm having some doubt in Account Linking. Should be like, need to authenticate account linking based on my database data.

Example:

While Account Linking if I wanted to pass a email ([email protected]), that email should be active and only on that case Account Linking should be allow. So for this I want to write custom Node Js function.

So that I have used Link Type as oAuth and Authorization, Token URL I set with as my custom Node Js functions. enter image description here

My doubt:

  1. how to pass email id while link Account Linking.
  2. After validate email how can I link account in Google Actions Builder.

My Node Js Code

Here I want to write function inside auth call back function inside if(result).

const express = require('express');
const port = 5003;
const app = express();

app.get('/', (req, res) =>{
    res.send(`Welcome to Test App Nodejs`);
})

app.get('/auth', (req, res) =>{        
    var email = req.query.email;
    userModel.findAll({
        where: {
            emailId: email,
            status:1 
        }
    }).then((result) =>{
        if(result){
            // Allow to account link
        } else{
            // to return Thanks for trying to account linking
        }
        
    }).catch((err)=>{
        res.send(err);
    })
    
});

app.listen(port, (req, res)=>{
    console.log(`Test App runing with ${port}`)
})
Solution

  • There are a number of things about your question that don't fit with how Account Linking is meant to work, so it might make sense to get a brief overview of how Account Linking works.

    The purpose of Account Linking is to provide a way that a user record that you maintain for your service gets associated with an Assistant account. This is done (broadly speaking) by the user authorizing Google to access basic information about the user's records in your system. This is done using OAuth2.

    There are variants (authorizing using a mobile app, or authorizing the Google account to give you the user record), but they generally work the same way:

    • You authorize Google to get access to information
    • Google provides this information as part of the request sent to your webhook

    So it does not exactly make sense for you to provide to your webhook an email address and expect it to link somehow. That isn't how this works. If anything - it makes it so you don't need to ask the user for their email address, you can just get it from the linked account.

    If you are trying to build a webhook that does the authorization part, you'll need to have it handle OAuth2. This is a lot more than "pass an email address", however, and while it is not difficult, it can be tricky to get some security elements correct. This is usually best left to tools such as Auth0 or other identity providers.

    You can also learn more about Account Linking and how it works in general with Action Builder.

    Also, keep in mind that conversational actions will be shut down on June 13 2023.