Fulfillment is code that is deployed as a webhook that lets you generate dynamic responses for every type of smart home intent. During a user conversation with the Google Assistant, fulfillment allows you to use the information extracted by Google's natural language processing to generate dynamic responses or trigger actions on your back-end such as turning on a light.
Your fulfillment receives requests from the Assistant, processes the request and responds. This back-and-forth request and response process drives the conversation forward until you eventually fulfill the initial user request. In most cases, a user would have a simple smart home interaction with the Google Assistant such as Hey Google, turn on my light. However, if you implement two-factor authentication , your fulfillment might have to process multiple requests and responses as the Google Assistant might ask for a confirmation PIN after a specific user request such as Hey Google, unlock my front door.
Figure 1 shows a successful fulfillment and execution of a smart home
Authentication allows you to link your users' Google accounts with user accounts in your authentication system. This allows you to identifiy your users when you receive a smart home intent on your fulfillment. Google smart home only supports OAuth with an authorization code flow.
For smart home, you need to use OAuth with an authorization code flow, which required you to have two endpoints, the authorization and token exchange endpoints. See account linking with OAuth.
When you have authenticated a user, the user's third-party OAuth 2 access token
is sent in the Authorization header when smart home intents are sent to your
fulfillment. All users have to perform account linking, because device
information is sent to the Assistant with the
intent, which requires account linking.
Your smart home Action is expected to support multiple Google users connecting to the same user account (for example, when users give access to other users in their household). If your service can't support multiple user connections, it should provide errors at account linking time.