Actions on Google Account Linking is not sending Authorization Header With Requests

Question

I am currently setting up an Actions on Google system which uses API.AI as well. I went through the account linking setup, and got all of that working. In the simulator, once I link I get sent to google.com with a "success" query parameter, as specified in Google's documents.

Once the accounts are linked though, and I make a request to my service through Google Home or the simulator, Google is not appending the Authorization header in its request to my service. Is there some sort of setup I need to do on the API.AI side? Is the token not passed as an Authorization header, but rather passed in the body for some odd reason?

Ninja Edit: I'm using a grant type of "Authorization Code" in the Actions on Google setup.

Thanks in advance for the help!

Answer 1

Instead of sending it in the header, Actions on Google sends it through an attribute in the JSON that you receive. You can get the value at user.accessToken if you are looking at the JSON or via app.getUser().accessToken if you are using the Node.js library.

See https://developers.google.com/actions/reference/rest/Shared.Types/AppRequest#User and https://developers.google.com/actions/reference/nodejs/AssistantApp#askForSignIn for details.

Note that the page at https://developers.google.com/actions/identity/oauth2-code-flow#handle_data_access_requests seems to suggest that it would be in the header (and logic suggests it should be as well!), but this appears to be a generic set of instructions and not specific to Actions.