An account can become unauthorized for a variety of reasons depending on the integration, such as a token expiring, a password change, or a security breach. This blog post talks about account authorization status events and utilizing the account relinking feature to reinstate an account.
How can you gain insight to account authorization status?
Yonomi Platform offers a webhook event type linkedAccountAuthorizationEvent
that can provide some insight in a scenario like this.
Today, when a linked account is not authorized and a user tries to action a device, a failed deviceEventUpdateAction
event will be returned. Here is an example of what that event looks like:
{
"type":"deviceEventUpdateAction",
"content":{
"deviceId":"{device id}",
"actionId":"{action id}",
"status":"failed"
}
}
With this new feature, an event is emitted in the following scenarios:
-
When an account is authorized:
{
"type":"linkedAccountAuthorizationEvent",
"content":{
"linkedAccountId":"{linked account id}",
"authorizationStatus":"AUTHORIZED"
}
}
When an account is unauthorized:
{
"type":"linkedAccountAuthorizationEvent",
"content":{
"linkedAccountId":"{linked account id}",
"authorizationStatus":"NOT_AUTHORIZED"
}
}
And when a user attemps to action a device while the account is not authorized:
{
"type":"linkedAccountAuthorizationEvent",
"content":{
"linkedAccountId":"{linked account id}",
"authorizationStatus":"NOT_AUTHORIZED"
}
}
Can I reauthorize accounts?
Yes! Yonomi Platform provides a way to renew this authorization by using the account relinking feature.
An example relinking request:
mutation generateAccountRelinkingUrl ($linkedAccountId: ID!) {
generateAccountRelinkingUrl(linkedAccountId: $linkedAccountId) {
url
expiresAt
integration {
id
displayName
}
}
}
You can make a relinking request for your linked account when the account state is NOT_AUTHORIZED
. This generates a relinking URL that follows the same authorization flow as the initial account linking - for example: the URL will direct you to an account linking portal where you enter the credentials for the desired integration (ie: Schlage account).
How do I get access?
Contact your customer success representative and ask them to enable the linkedAccountAuthorizationEvent
event.
Note: It is possible that duplicate linkedAccountAuthorizationEvent
notifications are generated. We recommend ignoring any duplicates.