1

I have a running website, where users already have accounts. And I am trying to create a Google Assistant agent, accessible on Android, to help users access their information.

My issue is that I can't detect returning users on Android Smartphones, each time they have to sign in.

I tried Anonymous User Identity, but it is soon to be deprecated.

Is there an other way to keep track of users?Using some kind of userId that I can store, so I can make "my own Acount Linking" linking the person/Smartphone with already existing user accounts.

  • Can you elaborate about why you can't use Account Linking? – Prisoner Apr 03 '19 at 14:41
  • Since there are multiple possibilities to sign up to the website (Gmail, Yahoo, phone number ...). And the website does not support OAuth authentication. For these reasons I ruled out Account Linking. @Prisoner –  Apr 03 '19 at 14:58
  • I reread the account linking Docs and I think that I had it wrong. But there are diffrent ways to do it. –  Apr 05 '19 at 12:46

1 Answers1

0

There are a few angles to your question.

Is there any way to keep track of users?

Yes... but...

You can store a userId that you generate in the user storage area. You do need to treat this like you would a cookie, so some jurisdictions might impose restrictions on this, but this is one approach to moving from the anonymous ID that is being turned off soon.

But...

How do I let them log into my service through the Action?

That is the problem. The General Policies states the following limitation for collecting user data:

Authentication Data (including passwords, PINs, and answers to security questions)

Don't collect authentication data via the conversational interface (text or speech). After a user's account has been linked, PINs or passwords may be used as part of a second verification process.

So you need to use Account Linking to connect to the existing account on your service.

How can I do Account Linking if I don't require Google Sign-In?

You can still use Google Sign-In for Assistant if it will (or may) provide the information as part of the profile that match what you have. So it doesn't need to use the same account - just have the same email (for example).

But that still may not be enough.

For other cases, you can look into setting things up to work with an OAuth server that you control.

So why use Google Sign-In if I setup an OAuth server that uses Google Sign-In?

Google Sign-In is good for a more streamlined flow, if you can use it. It can be done completely with voice, such as with a smart speaker, instead of requiring the user to go to a phone to complete the login. So if you have the user's email address in your account system, and you also get this from Google Sign In, then you can connect the two accounts.

In some cases, such as if the user is expected to have logged into the account on your website first, they won't even need to do that. If both the voice client and web client use the same Google project, then authentication will take place automatically.

Community
  • 1
  • 1
Prisoner
  • 49,922
  • 7
  • 53
  • 105
  • Thank you for your detailed response. I am juste wondring in case I added an OAuth server, why use Google Sign-In? Can I only use the [Account linking with OAuth](https://developers.google.com/actions/identity/oauth2) ? –  Apr 08 '19 at 14:34
  • I used Keycloak as an authentification server. But after I put the user name and password I get this error " An error occurred in returning the result ". And I did not find a way to debug it –  Apr 17 '19 at 14:35
  • It sounds like you should start a new question, providing as much information as possible about how you have things setup and any logs that you can provide. – Prisoner Apr 17 '19 at 20:36
  • I did, here is the [link](https://stackoverflow.com/questions/55693603/google-assistant-account-linking-with-keycloak). Any thoughts? –  Apr 18 '19 at 13:52