Account Linking Management REST API Reference
Use the Account Linking Management REST API to manage your skills information related to linking Alexa user accounts to other OAuth identity providers. For more details about account linking, see Account Linking Concepts for Alexa Skills.
You can also use the Alexa Skills Kit Command Line Interface (ASK CLI) to manage account linking information.
API endpoint
The endpoint of the Account Linking Management API is https://api.amazonalexa.com.
Authentication
Each API request must have an authorization header whose value is the access token retrieved from Login with Amazon (LWA). For details, see Get an Access Token for SMAPI.
Operations
The Account Linking Management API includes the following operations.
| Operation | HTTP method and URI |
|---|---|
|
| |
|
| |
|
|
Delete account linking information
Remove account linking information from the specified skill in the specified skill stage.
Request
To remove account linking information, you make a DELETE request to the accountLinkingClient resource.
Request path and header example
DELETE /v1/skills/{skillId}/stages/{stage}/accountLinkingClient
Host: api.amazonalexa.com
Content-Type: application/json
Authorization: Bearer {access token}
Request path and header parameters
| Parameter | Located in | Description | Type | Required |
|---|---|---|---|---|
|
|
Path |
Identifies the skill. |
String |
Yes |
|
|
Path |
Indicates stage of the skill. |
String |
Yes |
|
|
Header |
String |
Yes |
Request body example
The request has no body.
Request body properties
The request has no body.
Response
A successful response returns HTTP 204 No Content.
On error, the response returns the appropriate HTTP status code and includes a response body with an error code and human readable message.
Response body example
The response has no body.
Response body properties
The response has no body.
HTTP status codes
| Status | Description |
|---|---|
|
|
Account linking information deleted successfully. |
|
|
Indicates that one or more properties in the request body aren't valid. |
|
|
Request didn't include the authorization token, or the included token expired or isn't valid. Or, you don't have access to the resource. |
|
|
Indicates that the authorization token is valid, but the requested operation isn't allowed. |
|
|
Requested resource not found. |
|
|
Permitted rate limit, specified as number of requests per unit of time, exceeded. Retry the request by using exponential back-off. |
|
|
Error occurred on the server. Retry the request by using exponential back-off. |
|
|
Server is down for maintenance, overloaded, or otherwise unavailable to handle the incoming request. |
Get account linking information
Get the account linking information associated with the specified skill.
Request
To get account linking information, you make a GET request to the accountLinkingClient resource.
Request path and header example
GET /v1/skills/{skillId}/stages/{stageV2}/accountLinkingClient
Host: api.amazonalexa.com
Content-Type: application/json
Authorization: Bearer {access token}
Accept: application/json
Request path and header parameters
| Parameter | Located in | Description | Type | Required |
|---|---|---|---|---|
|
|
Path |
Identifies the skill. |
String |
Yes |
|
|
Path |
Indicates stage of the skill. |
String |
Yes |
|
|
Header |
String |
Yes |
Request body example
The request has no body.
Request body properties
The request has no body.
Response
A successful response returns HTTP 200 OK, along with the account linking information. For more details, see Account Linking Schemas.
On error, the response returns the appropriate HTTP status code and includes a response body with an error code and human readable message.
Response body example
{
"type": "AUTH_CODE",
"authorizationUrl": "https://www.example.com/auth_url",
"domains": ["www.example.com"],
"clientId": "your.client.id.1",
"scopes": [
"permission.scope.a",
"permission.scope.b"
],
"accessTokenUrl": "https://www.example.com/accessToken_url",
"accessTokenScheme": "HTTP_BASIC",
"defaultTokenExpirationInSeconds": 20,
"redirectUrls": [
"https://www.example.com/redirect_url"
],
"authorizationUrlsByPlatform": [{
"platformType": "iOS",
"platformAuthorizationUrl": "https://your.ios.url"
},
{
"platformType": "Android",
"platformAuthorizationUrl": "https://your.android.url"
}
],
"voiceForwardAccountLinking": "ENABLED"
}
Response body properties
| Property | Description | Type |
|---|---|---|
|
|
Identifies the OAuth 2.0 grant type. For more details, see Grant types.
Valid values: |
String |
|
|
URL of your authorization server to which the Alexa app redirects the customer to enter login credentials for your system. |
String |
|
|
List of additional domains from which the authorization URL fetches content. |
Array of string |
|
|
Unique public string that identifies the customer. |
String |
|
|
List of permissions that your skill requests from the customer. |
Array of string |
|
|
URL of your token server that can receive access and refresh token requests. |
String |
|
|
Type of client authentication scheme. |
String |
|
|
Number of seconds that the access token is valid. |
Integer |
|
|
List of URLs to redirect back to when the OAuth system initiates the linking process. Your authorization server calls this URI to take the user back to the Alexa app after the customer logs into your system. |
Array of string |
|
|
List of URLs by mobile platform used to start account linking. |
Array of objects |
|
|
Type of mobile platform that the customer uses to perform account linking. |
String |
|
|
OAuth 2.0 authorization URL to open the app to authenticate the customer. |
String |
|
|
Specifies whether the skill supports voice-forward account linking. |
String |
HTTP status codes
| Status | Description |
|---|---|
|
|
Response body contains the account linking information. The response header contains an |
|
|
Indicates that one or more properties in the request body aren't valid. |
|
|
Request didn't include the authorization token, or the included token expired or isn't valid. Or, you don't have access to the resource. |
|
|
Indicates that the authorization token is valid, but the requested operation isn't allowed. |
|
|
Requested resource not found. |
|
|
Permitted rate limit, specified as number of requests per unit of time, exceeded. Retry the request by using exponential back-off. |
|
|
Error occurred on the server. Retry the request by using exponential back-off. |
|
|
Server is down for maintenance, overloaded, or otherwise unavailable to handle the incoming request. |
Update account linking information
Update account linking information for the specified skill.
Request
To update account linking information, you make a PUT request to the accountLinkingClient resource.
Request path and header example
PUT /v1/skills/{skillId}/stages/{stage}/accountLinkingClient
Host: api.amazonalexa.com
Content-Type: application/json
If-Match: {etag}
Authorization: Bearer {access token}
Request path and header parameters
| Parameter | Located in | Description | Type | Required |
|---|---|---|---|---|
|
|
Path |
Identifies the skill. |
String |
Yes |
|
|
Path |
Indicates stage of the skill. |
String |
Yes |
|
|
Header |
Current version of the account linking information. Use Get account linking information to get the current version. |
String |
Yes |
|
|
Header |
String |
Yes |
Request body example
{
"accountLinkingRequest": {
"type": "AUTH_CODE",
"authorizationUrl": "https://www.example.com/auth_url",
"domains": ["www.example.com"],
"clientId": "your.client.id.1",
"scopes": [
"scope_a",
"scope_b"
],
"accessTokenUrl": "https://www.example.com/accessToken_url",
"accessTokenScheme": "HTTP_BASIC",
"defaultTokenExpirationInSeconds": 20,
"redirectUrls": [
"https://www.example.com/redirect_url"
],
"authorizationUrlsByPlatform": [{
"platformType": "iOS",
"platformAuthorizationUrl": "https://your.ios.url"
},
{
"platformType": "Android",
"platformAuthorizationUrl": "https://your.android.url"
}
],
"skipOnEnablement": "true",
"voiceForwardAccountLinking": "ENABLED"
}
}
Request body properties
| Property | Description | Type | Required |
|---|---|---|---|
|
|
Defines the updates to the account linking information. |
Object |
Yes |
|
|
Identifies the OAuth 2.0 grant type. For more details, see Grant types. For smart home and video skills, you must set to |
String |
No |
|
|
URL of your authorization server to which the Alexa app redirects the customer to enter login credentials for your system. |
String |
No |
|
|
List of additional domains from which the authorization URL fetches content. You can specify up to 15 domains. |
Array of string |
No |
|
|
Unique public string that identifies the customer. |
String |
No |
|
|
List of permissions that your skill requests from the customer. |
Array of string |
No |
|
|
URL of your token server that can receive access and refresh token requests. Required when |
String |
No |
|
|
Type of client authentication scheme. Required when |
String |
No |
|
|
Number of seconds that the access token is valid.
Required when |
Integer |
No |
|
|
List of URLs to redirect back to when the OAuth system initiates the linking process. Your authorization server calls this URI to take the user back to the Alexa app after the customer logs into your system. |
Array of string |
No |
|
|
List of URLs by mobile platform used to start account linking. |
Array of objects |
No |
|
|
Type of mobile platform that the customer uses to perform account linking. |
String |
Yes |
|
|
OAuth 2.0 authorization URL to open the app to authenticate the customer. |
String |
Yes |
|
|
Indicates whether to start account link when the customer enables the skill. |
Boolean |
No |
|
|
Specifies whether the skill supports voice-forward account linking. |
String |
No |
Response
A successful response returns HTTP 204 No Content.
On error, the response returns the appropriate HTTP status code and includes a response body with an error code and human readable message.
Response body example
The response has no body.
Response body properties
The response has no body.
HTTP status codes
| Status | Description |
|---|---|
|
|
Account linking information updated successfully. The response header contains an |
|
|
Indicates that one or more properties in the request body aren't valid. |
|
|
Request didn't include the authorization token, or the included token expired or isn't valid. Or, you don't have access to the resource. |
|
|
Indicates that the authorization token is valid, but the requested operation isn't allowed. |
|
|
Requested resource not found. |
|
|
Permitted rate limit, specified as number of requests per unit of time, exceeded. Retry the request by using exponential back-off. |
|
|
Error occurred on the server. Retry the request by using exponential back-off. |
|
|
Server is down for maintenance, overloaded, or otherwise unavailable to handle the incoming request. |
Related topics
- Account Linking Concepts for Alexa Skills
- Add Account Linking to Your Alexa Skill
- Account Linking Schema
Last updated: Aug 07, 2024