Account Relinking

Posted November 16, 2022 by Customer Success ‐ 2 min read

An account can become unauthorized for a variety of reasons depending on the integration, such as a token expiring, a password change, or a security breach. This blog post talks about account authorization status events and utilizing the account relinking feature to reinstate an account.

How can you gain insight to account authorization status?

Yonomi Platform offers a webhook event type linkedAccountAuthorizationEvent that can provide some insight in a scenario like this.

Today, when a linked account is not authorized and a user tries to action a device, a failed deviceEventUpdateAction event will be returned. Here is an example of what that event looks like:

{
    "type":"deviceEventUpdateAction",
    "content":{
        "deviceId":"{device id}",
        "actionId":"{action id}",
        "status":"failed"
    }
}

With this new feature, an event is emitted in the following scenarios:

    When an account is authorized: 
    {
    "type":"linkedAccountAuthorizationEvent",
    "content":{
        "linkedAccountId":"{linked account id}",
        "authorizationStatus":"AUTHORIZED"
    }
}

    When an account is unauthorized:

    {
    "type":"linkedAccountAuthorizationEvent",
    "content":{
        "linkedAccountId":"{linked account id}",
        "authorizationStatus":"NOT_AUTHORIZED"
    }
}

    And when a user attemps to action a device while the account is not authorized:

    {
    "type":"linkedAccountAuthorizationEvent",
    "content":{
        "linkedAccountId":"{linked account id}",
        "authorizationStatus":"NOT_AUTHORIZED"
    }
}

Can I reauthorize accounts?

Yes! Yonomi Platform provides a way to renew this authorization by using the account relinking feature.

An example relinking request:

mutation generateAccountRelinkingUrl ($linkedAccountId: ID!) {
 generateAccountRelinkingUrl(linkedAccountId: $linkedAccountId) {
 url
 expiresAt
 integration {
      id
      displayName
  }
 }
}

You can make a relinking request for your linked account when the account state is NOT_AUTHORIZED. This generates a relinking URL that follows the same authorization flow as the initial account linking - for example: the URL will direct you to an account linking portal where you enter the credentials for the desired integration (ie: Schlage account).

How do I get access?

Contact your customer success representative and ask them to enable the linkedAccountAuthorizationEvent event.

Note: It is possible that duplicate linkedAccountAuthorizationEvent notifications are generated. We recommend ignoring any duplicates.