App-to-App Account Linking (Starting From Your App)

Note: Feature support for this account linking flow is as follows:
• Launching the Alexa app from your app – iOS and Android
• Login with Amazon – Web and as a fallback for iOS and Android

This account linking flow enables users to link their Alexa user identity with their identity in another service by starting from your app or website. When you start the account linking flow from your app, your users can:

Discover your Alexa skill through your app
Initiate skill enablement and account linking from within your app
Link their account without entering their account credentials in either your app or the Alexa app, when they're logged in to both of the apps on their mobile device
Link their account from your app using Login with Amazon (LWA), when the Alexa app isn't installed on their mobile device

Your other options for implementing the account linking flow are the following:

App-to-app starting from the Alexa app – Users link their account by starting from the Alexa app instead of your app. For details, see App-to-App Account Linking (Starting From the Alexa App).
Alexa app only (browser flow) – Users accomplish account linking entirely within the Alexa app. This is the most common flow. For details, see Choosing an account linking flow.

If you have an app or website, we encourage you to implement one of the app-to-app account linking flows in addition to the Alexa app-only flow.

For the rest of this topic, the term app-to-app account linking refers specifically to app-to-app account linking that starts from your app.

Terminology
User experience
Which flow to implement
How it works
URLs and endpoints
Key steps
Errors
Best practices
Testing guidelines
Frequently asked questions
Related topics

Terminology

This topic uses the following terms:

Service – The service that you provide. For example, you might have a web-based service, "Ride Hailer", that lets users order taxis.
App – The app that your users use to interact with your service. Continuing the previous example, you might have a "Ride Hailer" app. This discussion assumes that you are the developer of the app.
Skill – The Alexa skill that enables the user to interact with your service using Alexa. This discussion assumes that you are the developer of the skill.
Alexa app – The Amazon Alexa app that users can download for their mobile device.
Login with Amazon (LWA) – An authentication system that enables users to log in and grant access to their user profile data. In terms of app-to-app account linking, LWA is a fallback that you can implement to handle the case in which users don't have the Alexa app installed on their mobile device. For general information about LWA, see the Login with Amazon documentation.
OAuth 2.0 – An authentication standard by which your service can allow Alexa, with the user's permission, to access information from the account that the user has set up with you. For the OAuth 2.0 standard, see OAuth 2.0.
App Link – A deep link on Android that a user clicks to launch an app. For details about App Links, see the Android documentation.
Universal Link – A deep link on iOS that a user clicks to launch an app. For details about Universal Links, see the iOS documentation.

User experience

During app-to-app account linking, the user goes through the following workflow:

Your app gives the user the option to enable your skill and link their account with Alexa. If the user chooses to link their account, one of two things happens, depending on whether the Alexa app is installed on the mobile device.
(Alexa app flow) If the Alexa app is installed on the device, the Alexa app launches and asks the user to acknowledge the account linking request. After acknowledging the request, the user is returned to your app.
(LWA flow) If the Alexa app isn't installed on the device, an in-app browser window with LWA opens, and the user can enter their Amazon credentials or create an Amazon account. The user is then asked to give your skill permission to link the accounts. After acknowledging the request, the user is returned to your app.

After the account is linked and the user is using your skill, the skill uses the same workflow as Alexa-app only account linking. In any case, disabling the skill causes the accounts to unlink.

The following are example screenshots for app-to-app account linking. As mentioned previously, the flow depends on whether the user has the Alexa app installed.

Note: For requirements around using the Alexa brand in your app's user interface, see Alexa Brand Guidelines for Amazon Developers.

Alexa app is installed

The following is an example of the Alexa app flow.

Alexa app isn't installed

The following is an example of the LWA flow.

Alexa app-to-app account linking using Login With Amazon

Which flow to implement

The Alexa app flow is available for iOS and Android. As such, the flow that you implement depends on whether you are developing an iOS app, an Android app, or a website:

iOS and Android apps – Implement the Alexa app flow as the primary flow, and the LWA flow as a fallback for when the Alexa app isn't installed.
Websites – Implement the LWA flow.

How it works

App-to-app account linking works by using OAuth 2.0. The following figure shows what goes on behind the scenes when the user starts account linking from your app on their mobile device. (Click image to enlarge.)

The steps are as follows. For details about the URLs mentioned, see URLs and endpoints.

The user installs your app on their mobile device, and logs in to your app.
Your app presents the user with the option to enable your skill and link their account with Alexa, with a mention of the benefit (for example, "You can now order a car through Ride Hailer by voice with Alexa"). The user acknowledges the linking request.
What happens next depends on whether the Alexa app is installed on the user's device.
- If the Alexa app is installed:
  1. Your app launches the Alexa app using the Alexa app URL with the authorization request parameters described later.
  2. The Alexa app launches and asks the user if they want to link Alexa with your service.
  3. The user acknowledges the linking request.
  4. The Alexa app sends the user back to your app using your redirect URLs, and sends the user's Amazon authorization code as a part of that redirect.
- If the Alexa app isn't installed:
  1. Your app launches LWA using the LWA fallback URL in an in-app browser tab (not a native browser app) with the authorization request parameters described later.
  2. LWA launches and asks the user to log in to their Amazon account.
  3. LWA asks the user if they want to link Alexa with your service. The user acknowledges the linking request.
  4. LWA sends the user back to your app using your redirect URLs, and sends the user's Amazon authorization code as a part of that redirect.
Your backend server calls the LWA authorization service URL and exchanges the Amazon authorization code it retrieved in the previous step for an Amazon access token.
Your backend server calls your authorization server to get the user's authorization code (for their account in your service).
Your backend server calls the Alexa Skill Activation API with the user's Amazon access token and the user's authorization code for your service, to enable the skill and link the account.
Alexa goes to your app's access token URL to exchange the user's authorization code for your service for an access token for your service, thereby completing account linking.

URLs and endpoints

This section describes the URLs and endpoints that relate to app-to-app account linking. A description of the parameters follows.

Name	Where it's used	Details
Alexa app URL	Your app uses this Universal Link (iOS) or App Link (Android) to send the user to the Alexa app to acknowledge the linking request. For parameter descriptions, see Parameters for the Alexa app URL and the LWA fallback URL. For general information about Universal Linking, see Allowing Apps and Websites to Link to Your Content in Apple's documentation. You can store the Alexa app URL and the LWA fallback URL in the back end, and retrieve them with a GET request. You can also store the URLs locally to avoid an extra network call; this might require a new build if you modify the skill security profile in the future.	Format: `https://alexa.amazon.com/spa/skill-account-linking-consent?fragment=skill-account-linking-consent&client_id={ClientId}&scope=alexa::skills:account_linking&skill_stage={skillStage}&response_type=code&redirect_uri={yourRedirectUrl}&state={yourState}`
LWA fallback URL	A link that sends the user to LWA to enter their Amazon credentials. It works for iOS, Android, and websites. Your app uses this if the user doesn't have the Alexa app installed on their device. For parameter descriptions, see Parameters for the Alexa app URL and the LWA fallback URL. See the previous note for the Alexa app URL about storing the URLs.	Format: `https://www.amazon.com/ap/oa?client_id={ClientId}&scope=alexa::skills:account_linking&response_type=code&redirect_uri={yourRedirectUrl}&state={yourState}`
Your app's redirect URLs	The Alexa app (or LWA, if the Alexa app isn't installed) uses this Universal Link or App Link to send the user back to your app after they acknowledge the linking request in the Alexa app or LWA. The parameters returned with the redirect provide your app with the user's Amazon authorization code, which is valid for 5 minutes.	You specify one or more of these using the developer console, the ASK CLI, or SMAPI. See the required syntax in the URI specification.
Authorization URL	The URL of your authorization server. The authorization server must accept the user's credentials, authenticate the user, and generate an authorization code that the Alexa app can later pass to your authorization server to retrieve an access token that uniquely identifies the user with your service.	This link is only used for regular (not app-to-app) account linking. You specify this using the developer console, the ASK CLI, or SMAPI.
Access token URL	Your token server, which Alexa uses to exchange the user's authorization code (for your service) for an access token, to complete account linking.	You specify this using the developer console, the ASK CLI, or SMAPI.
LWA authorization service	Your backend server uses this to exchange the user's Amazon authorization code for an Amazon access token. This enables your app to call the Alexa service to enable the skill and link the account for the user.	Host: `https://api.amazon.com` with POST request on `/auth/o2/token`
Alexa Skill Activation API endpoint	Your backend server calls this to enable the skill for the user. For details about the Alexa Skill Activation API, see Alexa Skill Activation API.	Format: `https://api.amazonalexa.com/v1/users/~current/skills/{yourSkillId}/enablement` Depending on where the user is located, the base URL could be `https://api.amazonalexa.com`, `https://api.eu.amazonalexa.com`, or `https://api.fe.amazonalexa.com`.

Parameters for the Alexa app URL and the LWA fallback URL

Field	Description
Client ID	The client ID that the developer console provides when you enable app-to-app account linking in the developer console.
Client secret	The client secret that the developer console provides when you enable app-to-app account linking in the developer console.
Redirect URL	The Universal Link or App Link that you specify when you enable app-to-app account linking in the developer console. The Alexa app and LWA redirect the user back to this URL after they acknowledge the account linking request.
Scope	Your app must set this to `alexa::skills:account_linking` to have permission to enable the skill.
Skill ID	The unique identifier of your skill. You can find this in the developer console.
Stage	The skill stage, which depends on whether your skill is published. Until your skill is published, set `stage` to `development`. When your skill is published, use `live`.
response type	The response type must be `code`, because app-to-app account linking currently supports authorization code grants only.
state	An opaque value that your app uses to maintain state between the current request and the response. For the Alexa app URL, the state value is required. Alexa includes this state as-is in the response when it redirects the user back to your app using your redirect URLs. You must validate the incoming requests using state to prevent cross-site request forgery. Make sure that the state that you generate doesn't contain `&`, `=`, `‘`, `/`, `\`, `<`, `>`, `“`, `#`, or `\|`. You can use a base64 URI as a safe way to do this. For an example implementation, see the state helper code example in Step 4: Get the user's Amazon authorization code. You can generate the state using secure random number generator, and save it to your user session for validation. Alternatively, you can generate the state from your backend server and using a key to encrypt and decrypt it.

Key steps

This section describes key steps, and provides code examples for an iOS app (10.0 or higher) and an Android app by using the following libraries and languages:

iOS app – Swift 4, Alamofire and SwiftyJSON
Android app – Kotlin
Backend server – Node.js v11.12.0, Lodash 4.1.77, and axios 0.18.0

The following figure provides an overview of the steps. Descriptions of the steps, including code examples, follow.

Jump to step: 1 2 3 4 5 6 7 8

Step 1: Display an account linking option in your app

Your app needs to have a screen from which a user can initiate skill enablement and account linking. This page should show what the user can do by linking their account with Alexa, such as ordering a car by voice.

Step 2: Enable Universal Links (iOS) or App Links (Android) for your app

To allow the Alexa app to redirect the user to your app, you must enable Universal Links for your iOS app or App Links for your Android app.

Step 3: Configure the skill to use app-to-app account linking

You configure your skill by using the developer console, the Alexa Skills Kit Command Line Interface (ASK CLI), or the Alexa Skill Management API (SMAPI). During this configuration, you specify things like your app's redirect URLs, access token URL, and so on.

Field	Description	Type
`skipOnEnablement`	Set to true to let users enable the skill without starting the account linking flow. Set to false to require the normal account linking flow when users enable the skill. For more information, see Let Users Enable Your Skill without Account Linking.	Boolean
`type`	Specifies the OAuth authorization grant type. For app-to-app account linking, you must use `AUTH_CODE`.	String
`authorizationUrl`	The URL of your authorization server, which must accept the user's credentials, authenticate the user, and generate an authorization code that the Alexa app can later pass to your authorization server to retrieve an access token that uniquely identifies the user with your service.	String
`domains`	A list of additional domains that your log-in page gets content from. You can specify up to 15 domains.	Array of String
`clientId`	Identifier that your log-in page uses to recognize that the request came from your skill.	String
`scopes`	Strings that indicate the access that you need for the user account, such as the `user_id`. For smart home skills, this field is required. You can specify up to 15 scopes.	Array of String
`accessTokenUrl`	The URI for requesting authorization tokens. Required only when `type` is `AUTH_CODE`.	String
`clientSecret`	A credential that you provide that lets the Alexa service authenticate with the Access Token URI. This is combined with `clientId` to identify the request as coming from Alexa.	String
`accessTokenScheme`	The type of authentication used. Examples are `HTTP_BASIC`, or `REQUEST_BODY_CREDENTIALS`. For app-to-app account linking this is required, because the authorization grant type is `AUTH_CODE`.	String
`redirectUrls`	Universal Links or App Links to launch your app. Redirect URLs must comply with the specified URI syntax.	Array of String

Step 4: Get the user's Amazon authorization code

Your app needs to get the user's Amazon authorization code so that it can later exchange it for an Amazon access token. The Amazon access token will enable the app to enable the skill and complete account linking. The Amazon authorization code is valid for 5 minutes.

iOS examples

Android examples

State generation and validation

Step 5: Exchange the Amazon authorization code for an Amazon access token

After your app receives the user's Amazon authorization code, you need to use it to get the Amazon access token. You need the access token to call the Alexa service to enable the skill and complete account linking.

Step 6: Enable the skill and complete account linking

Now that your app has the user's Amazon access token, your backend server can call the Alexa Skill Activation API to enable the skill and complete account linking.

Step 7: Display the account linking status in your app

Let the user know the account linking status by displaying it in your app, such as in the screenshots in User experience and Errors.

Step 8: Use the access token in the skill

After a user successfully enables your skill and links Alexa with your service, requests sent to your skill include the user's access token. Your skill code needs to get the access token from the request, validate it, and use it to retrieve the necessary user information from your resource server.

Errors

This section describes possible errors that can occur when account linking or skill enablement fails. When an error occurs, your app should show the appropriate error message to the user. The following image shows one example; this section lists others as well.

Error descriptions

This section describes error scenarios that can occur when a user tries to initiate app-to-app account linking. Your app must inform the user that account linking failed, and provide the appropriate error message to the user. This section provides error messages and gives possible causes of the errors. For the best user experience, we encourage you to use the error messages we provide here.

There are three points in the app-to-app account linking flow where your app might receive an error from Alexa:

Obtaining the Amazon authorization code
Exchanging the Amazon authorization code for an Amazon access token
Calling the Alexa Skill Activation API

Errors when obtaining the Amazon authorization code

If an error occurs when your app tries to get the Amazon authorization code, the redirect_uri that the Alexa app uses to redirect the user back to your app will include an error query parameter, as described by the OAuth 2.0 specification. The Alexa app and the LWA fallback both follow the OAuth 2.0 specification, so they both return the same error codes to your app. For details about why the request to get the Amazon authorization code failed, you can check the error_description query parameter and the OAuth 2.0 specification description for that error code.

Error code	Message to show to user	Possible causes
invalid_request	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	Request is missing `state`, `scope`, and/or `response_type`
unauthorized_client	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	The provided `client_id` doesn't have access to request consent to link the user's account
access_denied	None. (The user shouldn't see an error message because they were the one who denied the access.)	The user rejected the request to link their account
unsupported_response_type	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	Parameter `response_type` isn't equal to `code`
invalid_scope	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	Invalid `scope` parameter
server_error	Sorry, Alexa encountered an unexpected error while trying to link your account. Please try again.	Unexpected server error
temporarily_unavailable	Sorry, Alexa encountered a momentary error while trying to link your account. Please try again later.	Temporary server error

Errors when exchanging the Amazon authorization code for an Amazon access token

If an error occurs exchanging the Amazon authorization code for the Amazon access token, the Amazon token server will respond with a 400 Bad Request status code and the body's JSON response will include an error parameter, as described by the OAuth 2.0 specification. For details about why the request to obtain the Amazon access token failed, you can check the error_description parameter of the JSON response and the OAuth 2.0 specification description for that error code.

Error code	Message to show to user	Possible causes
invalid_request	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	Missing `client_id`, `client_secret`, `grant_type`, and/or `code`
invalid_client	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	Invalid `client_id` and/or `client_secret`
invalid_grant	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	The request's `code` (Amazon authorization code) is invalid
unauthorized_client	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	The provided `client_id` doesn't have permission to request consent to link the user's account
unsupported_grant_type	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	The request's `grant_type` isn't `authorization_code`

Errors when calling the Alexa Skill Activation API

If an error occurs when your app calls the Alexa Skill Activation API to enable and link the user's account, the API will respond with a status code that says why the request failed. Otherwise, the API will respond with a 200 OK. For details about why the skill activation request failed, you can check the message parameter of the JSON response.

HTTPS status code	Message to show to user	Possible causes
400 Bad Request	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	Missing `skill_id`, `stage`, `accountLinkingRequest.authCode`, `accountLinkingRequest.redirectUri`, and/or `accountLinkingRequest.Type` Error requesting your app's access/refresh token pair from your app's token server
403 Forbidden	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	The Amazon access token is invalid The Amazon access token doesn't have the user's consent to enable the skill The Amazon access token doesn't belong to the `skill_id` provided in the request The user isn't entitled to enable the skill with the specified `skill_id` provided in the request
404 Not Found	We are experiencing a problem connecting with Alexa to link your account. Please try again later.	Invalid `skill_id` and/or `stage`
500 Server Error	Sorry, Alexa encountered an unexpected error while trying to link your account. Please try again.	Unexpected server error Problem linking accounts with your app's OAuth server

Best practices

When you implement app-to-app account linking, keep the following best practices in mind:

Discoverability of app-to-app account linking
Usability
Unlinking
Back-end code

Discoverability of app-to-app account linking

To make app-to-app account linking easy to access from your app, follow these best practices:

Keep the number of clicks low.
Surface the Alexa integration.
Review your voice assistant settings.

Keep the number of clicks low

Keep the number of clicks required to initiate the account-linking flow as low as possible. The user shouldn't need more than three clicks to get from your app's home screen to the account linking flow. Starting from the home screen on your app, the following are some common flows.

Example flow 1
The user:

Clicks your app's burger menu.
Clicks Link with Alexa.
Clicks Allow to initiate the account linking flow from your app.
Gives their account-linking consent inside the Alexa app.
Gets redirected to your app.

Example flow 2
The user:

Clicks your app's burger menu.
Clicks Third-Party Integrations. (or similar wording)
Clicks Link with Alexa.
Clicks Allow to initiate the account linking flow from your app.
Gives their account-linking consent inside the Alexa app.
Gets redirected to your app.

Surface the Alexa integration

Make the user aware of the Alexa integration the first time they use your app. For example, at the end of your application set-up experience, implement an additional screen, with an Alexa logo, that directs users toward your app-to-app account linking flow.

If the user clicks the Alexa logo, they are redirected into the app-to-app account linking flow. If the user wants to skip the linking process, you can take them to a screen in the menu structure of your app where they can find the linking flow later.

Review your voice assistant settings

If your app has settings related to voice assistants, make sure that account-linking initiation is accessible from that area.

Usability

To help make app-to-app account linking easy to use, follow these best practices:

Display the correct account linking status.
Provide clear messaging.
Get all required information before redirecting the user.

Display the correct account linking status

To display the correct button on your app (Link versus Unlink), you can check for skill enablement and account linking status for a given user by making a GET request to the Alexa Skill Activation API. However, this gives you a successful response only for users who linked their account using app-to-app account linking. Therefore, we recommend that you also subscribe to the Skill Disabled Event to get notified when a user disables your skill and thereby unlinks their account. You can't rely on the Alexa token pair being present in your backend to determine if a user has linked their account.

Provide clear messaging

Consider the entire app-to-app account linking experience, and provide clear messaging to the user for all user flows. Gracefully handle cases in which the user cancels the account linking experience mid-flow, times out, and so on. Provide clear information about what went wrong.

Get all required information before redirecting the user

Before redirecting the user to the Alexa app or LWA to link their account, ask the user for any other information you require for account linking (additional details, consent, a PIN, and so on).

If the user's request includes a financial transaction or involves personal information, ask the user to answer a previously defined security question before fulfilling their request.

Follow brand usage guidelines

When designing your app's user interface, follow the Alexa Brand Guidelines for Amazon Developers. This helps make it clear to users, at a glance, that they are being asked to link their account to use your service with Alexa.

Unlinking

The following best practices relate to unlinking linked users and notifying unlinked users.

Implement unlinking within your app.
Notify unlinked users.

Implement unlinking within your app

You must give your users an option to unlink their account from within your app. To do so, you need to persist the Amazon access and refresh token pair that your app received during the app-to-app account linking flow for future unlinking requests within your app. You can disable the skill and unlink the account for the user by making a DELETE request to the Alexa Skill Activation API.

For previously linked users who didn't use app-to-app account linking, use the Unlink button to send the user to your skill's page with a Disable skill option within the Alexa app. The link on your skill's page in the Alexa app will look similar to the following examples:

Android: https://alexa.amazon.com/spa/index.html#skills/dp/{skillAsin}
iOS: alexa://{any text}?spa=index.html#skills/dp/{skillAsin}
Fallback (if the Alexa app is not installed): Redirect your users to https://www.amazon.{domain suffix}/dp/{skillAsin}

Notify unlinked users

Inform unlinked users about your account linking feature. There are a number of options for communicating with your user base, including push notifications, "what's new" pop-up screens after updating the app to a new version, release notes in app stores, blog posts, or emails.

Back-end code

To help ensure that app-to-app linking works smoothly, follow these best practices:

Assemble the URLs in the backend.
Ensure that your redirect URI works.

Assemble the URLs in the backend

In your code to Get the user's Amazon authorization code, we highly recommend that you assemble the Alexa app URL and LWA fallback URL in your back-end server, and then pass the assembled URLs to your app. This enables you to quickly change parameters (such as the stage) without rebuilding your app.

Ensure that your redirect URI works

On some occasions, LWA doesn't trigger Universal Links and App Links when it sends back the LWA auth_code in Step 4. To avoid losing the user's intent to link their account, we recommend that you ensure that your redirect_uri is able to fulfill the account linking request if it's opened inside the same web view as the LWA authorization page. To achieve this functionality, send the auth_code that your web page receives in the redirect_uri from Step 4 to your backend server to perform Step 5 and Step 6. Finally, display a success page (Step 7) directly on your web page.

Testing guidelines

In addition to making sure that your skill meets the certification requirements that apply to all skills, we recommend that you test the following aspects:

When the Alexa app is installed, you are able to complete account linking when it is initiated from your app using the Alexa app flow. On Android, if you see a Use a different app selector when opening the Alexa app URL, it means that your version of the Alexa app has invalid App Links. To fix this, delete and re-install the Alexa app.
When the Alexa app isn't installed, you are able to complete account linking when it is initiated from your app or website using the LWA flow. If your implementation doesn't support the LWA flow, your app or website provides a graceful error message to the user.
When account linking fails, your app or website provides a graceful error message to the user.
After you complete account linking, you should be able to unlink the account using your app. You should also see the correct button (Link versus Unlink) depending upon the status of your account linking.

Also be sure to beta test your skill. When you enable beta testing, don't forget to add beta testers.

Note that, until your skill is published, you must set the stage value to development when you use the Alexa app URL and the Alexa Skill Activation API. When your skill is published, use live.

Frequently asked questions

The following are frequently asked questions about the app-to-app account linking flow that starts from your app.

Q: How do I know if the Alexa app isn't installed on the user's mobile device?

For an example of how to determine this in iOS, see Example: Open the URLs in Step 4: Get the user's Amazon authorization code.

Q: I own more than one skill. Can I link accounts for all of them at once?

To protect user trust, app-to-app account linking requires user consent for a specific skill. If you want to link a user's account for more than one Alexa skill, you must take the user through the linking flow more than once.

Q: How do I check if the skill is already enabled and the account is already linked?

You make a GET request to the Alexa Skill Activation API. However, this gives you a successful response only for users who linked their account using app-to-app account linking. To make a GET request to the Alexa Skill Activation API, you need to use the token with permission scope alexa::skills:account_linking.

Q: What if the skill is already enabled and the account is already linked?

In this case, when you make a POST request to the Alexa Skill Activation API, the user's account will be relinked and you will receive a successful response.

Q: How can I get notified when account linking is complete?

You can subscribe to the Account Linked event.

Q: What if a user wants to link Alexa with a different user account than the account that they are currently logged in with in your app?

If a user wants to link Alexa with a different account, they should first log in to your app with the other account and then initiate account linking from within your app. Your app can choose to provide an option to switch accounts within the account-linking flow.

Q: What if a user isn't an existing Alexa user and they don't have the Alexa app installed?

If a user has an Amazon account but isn't an Alexa user, they can simply sign in to the LWA page with their Amazon credentials and then acknowledge the linking request. If a user doesn't have an Amazon account, they can create a new Amazon account on the LWA screen and complete account linking for the skill. The user, however, will need an Alexa-enabled device or Alexa app in order to use Alexa features.

Q: How does a user revoke account linking?

Disabling the skill unlinks the user's account. As with any skill, a user can say, "Alexa, disable {skill name}" or disable the skill from the skill's detail page. You can disable the skill and unlink the account for the user by making a DELETE request to the Alexa Skill Activation API.

Q: What happens when a user disables my skill? Am I notified?

To get notified when a user disables your skill, you can subscribe to skill disabled events. When the skill is disabled, you should revoke your access token and delete the Amazon access token for the user. Alexa also deletes the access token that your service provided, and revokes the Amazon access token.

Q: What if my skill requires permissions? Can I get these during app-to-app account linking?

Permissions (such as device address and user profile information) are currently not part of this account linking flow. When the user invokes the skill with an intent that needs permissions, you'll need to prompt users, through a permissions card, for the respective permissions during runtime.

However, when a user links their account through the other app-to-app account linking flow, App-to-App Account Linking (Starting From the Alexa App), they are prompted to grant permissions. You can grant the required permissions by using that flow.

Q: How do I know if the Alexa app isn't installed on a mobile device?

For an example of how to determine whether the Alexa app is installed on an iOS or Android device, see Example: Open the URLs in Step 4: Get the user's Amazon authorization code.

Q: How do I retrieve a user's authorization code for their account in my service?

You are required to generate the user's authorization code by using your authorization server. In the traditional account linking flow, this authorization code is generated in the step in which a user logs in to your service and provides consent to link with Alexa. In app-to-app account linking (starting from your app), the user is already logged in, so you need to programmatically generate a new authorization code for the user from your OAuth provider. The user must not be required to log in and provide consent again.