Android: Linking Accounts

By Luciano Balmaceda

This tutorial will show you how to link two different accounts for the same user. We recommend that you log in to follow this quickstart with examples configured for your account.

System requirements: Android Studio 2.3 | Android SDK 25 | Emulator - Nexus 5X - Android 6.0

Before You Start

Before you continue with this tutorial, make sure that you have completed the previous tutorials. This tutorial assumes that:

  • You have integrated Auth0 as a dependency in your project.
  • You are familiar with the WebAuthProvider class. To learn more, see the Login and the Session Handling tutorials.
  • You are familiar with the concepts of userId, accessToken and idToken. You can find info about them in the Session Handling and the User Profile tutorials.

We recommend that you read the Linking Accounts documentation to understand the process of linking accounts.

API scopes on Authentication

As seen previously in the User Profile tutorial, you need to request the Management API audience and the corresponding scopes to be able to read the full user profile and edit the user's identities, since they are not part of the OIDC specification. Each identity in the user profile represents details from the authentication provider used to log in, for example the user's Facebook account details.

Find the snippet in which you initialize the WebAuthProvider class. To that snippet, add the calls withScope("openid profile email offline_access read:current_user update:current_user_identities") and withAudience(String.format("https://%s/api/v2/", getString(R.string.com_auth0_domain))).

Note that the Management API audience value ends in a trailing slash (/), in contrast to the User Info audience.

Enter Account Credentials

Your users may want to link their other accounts to the account they are logged in to.

To achieve this, you need to store the user ID for the logged-in user in the Intent, along with the ID Token and Access Token provided by the LoginActivity at launch, which are already available in the intent extras.

Obtain the stored values in LoginActivity.

First, in onCreate, check whether a new account linking was requested. Also check whether a previous savedInstanceState exists and contains the "logging in" state. This flag is set when the web authentication is launched and must be handled correctly to avoid state loss.

In the login response, based on the boolean flag set in the first step, decide if you need to show the MainActivity screen, or continue to link the accounts.

Make sure to handle the callback's failure calls as well.

Now, you can link the accounts. To do this, you need the logged-in user's ID and Access Token, and the ID Token for the secondary account received in the last login response.

Retrieve the Linked Accounts

The updated list of identities is returned in the link method response. Alternatively, to obtain the user's full profile, use the user's ID to call the getProfile method in the UsersAPIClient class. The profile includes the linked accounts as the UserIdentities array.

For more information, check the class documentation.

To unlink the accounts, you need to specify the following:

  • user ID for the main account
  • user ID for the linked account
  • the provider name for the linked account

To instantiate the UsersAPIClient client, use the Access Token for the main account like before.
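
The link and unlink calls described above, as an added example that is not code from the original tutorial or the sample project. It assumes the Auth0.Android 1.x SDK (UsersAPIClient with BaseCallback); the AccountLinker class and its method names are hypothetical.

```java
import android.util.Log;
import com.auth0.android.Auth0;
import com.auth0.android.callback.BaseCallback;
import com.auth0.android.management.ManagementException;
import com.auth0.android.management.UsersAPIClient;
import com.auth0.android.result.UserIdentity;
import java.util.List;

// Hypothetical helper (name and structure are assumptions, not from the tutorial).
public class AccountLinker {
    private static final String TAG = "AccountLinker";
    private final UsersAPIClient users;
    private final String primaryUserId;

    // accessToken is the main account's Access Token, requested with the
    // Management API audience and the update:current_user_identities scope.
    public AccountLinker(Auth0 auth0, String primaryUserId, String accessToken) {
        this.users = new UsersAPIClient(auth0, accessToken);
        this.primaryUserId = primaryUserId;
    }

    // secondaryIdToken is the ID Token received in the second login response.
    public void link(String secondaryIdToken) {
        users.link(primaryUserId, secondaryIdToken).start(callback("link"));
    }

    // Unlinking needs the main user ID plus the linked identity's user ID and provider.
    public void unlink(UserIdentity secondary) {
        users.unlink(primaryUserId, secondary.getId(), secondary.getProvider())
                .start(callback("unlink"));
    }

    private BaseCallback<List<UserIdentity>, ManagementException> callback(final String op) {
        return new BaseCallback<List<UserIdentity>, ManagementException>() {
            @Override
            public void onSuccess(List<UserIdentity> identities) {
                // Both calls return the main account's updated identity list.
                // Only the provider is logged; tokens and user IDs stay out of logcat.
                for (UserIdentity identity : identities) {
                    Log.d(TAG, op + " ok, identity provider: " + identity.getProvider());
                }
            }

            @Override
            public void onFailure(ManagementException error) {
                // Leave the UI state unchanged: the identities were not modified.
                Log.e(TAG, op + " failed", error);
            }
        };
    }
}
```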
