Implementing Authentication

When users add your service to their household, they enable Sonos to access their account. Sonos can send the user to your mobile app or to a Web page to enter credentials. For users with the Sonos app on mobile devices, you can offer "app authentication" in which Sonos opens a deep link to your app to perform the authentication. For users who don't have your app installed, or who aren't using a mobile device, you can enable users to go to a Web page to enter their credentials. We call this "browser authentication".

Sonos uses one API call to provide both of these options. You must at least enable browser authentication to provide a Web page for users to enter their credentials. However, we encourage you to offer both browser and app authentication for the best user experience. 

Finally, you can decide not to use any authentication, also known as "anonymous access". For example, your service could use anonymous access to offer a limited free trial. Anonymous access limits the features available for your service. For example, you can't offer personalization options saved to a user's account like favorites or playlists. You also can't secure your content from anyone with access to the URL for the media.

To get started with your implementation, follow this reading path:

  1. Learn the details you need to implement browser authentication by reading Starting an implementation using browser authentication.
  2. Process API header credentials to authenticate all API calls and handle refresh authentication tokens by reading Processing authentication credentials for API requests.
  3. Add app authentication to your service by reading Implementing app authentication.
    This contains details for both iOS and Android apps.
  4. Provide to users the opportunity to create a new account with your service by reading Providing for new user accounts to your service. 
  5. Add error handling to your implementation by reading Handling errors during authentication.

 

A Note about Devicelink and Session ID authentication

If your service has already implemented DeviceLink or Session ID authentication, your existing implementations will continue to work. However, we recommend you update your implementation. See Upgrading from DeviceLink, Session ID, or anonymous access and contact your Sonos representative for more information. For new implementations we do not recommend using either DeviceLink or session ID authentication.