# How do I Link Application Identities?

## Before you start

**Make sure you have:**

* An [Abbey account](https://app.abbey.so/sign-up)
* An [Abbey API Token](/admin/managing-api-tokens.md#creating-new-api-tokens)
* The User ID of the Abbey user you want to link identity data for

## Step 1: Identify which application you are linking data for

Abbey has first-class support for linking data for certain applications. Other applications can also have application identity data linked, but Abbey enforces a certain structure on first-class applications to make sure that you have all the identity data you need to successfully use Abbey.

To find out what the structure of your app data payload should be, take a look at [Supported Application Identity Types and Schemas](/reference/linking-application-identities-into-abbey/supported-application-identity-types-and-schemas.md)

In this page we'll be linking Github application identity data.

## Step 2: Make an API request to our Users API to link identity data

We'll be making a request to the [Users API](https://developers.abbey.io/#operation/createAppData) to link data an external identity to an Abbey identity. 

```sh
curl \
  -H "Authorization: Bearer $ABBEY_API_TOKEN" \
  -H 'Content-Type: application/json' \
  -X POST "https://api.abbey.io/v1/users/<userID>/apps" \
  -d '{"type": "<app type>", "data": { ... app data ... }}'
```

As an example, we wish to link this user's Github username:

<pre class="language-sh"><code class="lang-sh"><strong>curl \
</strong>  -H "Authorization: Bearer $ABBEY_API_TOKEN" \
  -H 'Content-Type: application/json' \
  -X POST "https://api.abbey.io/v1/users/user/user_2U4vhAMp6hByuOVA7EGwEwmI5NK/apps" \
  -d '{"type": "github", "data": {"username": "Alice"}}'
</code></pre>

Let's take a closer look at the JSON payload we're POSTing:

```json
{"type": "github", "data": {"username": "Alice"}}
```

Here we're specifying that the type of application we're linking data for is `github` and that we have a data payload which contains a `username` key whose value is `Alice`. The structure of the `data` payload differs per application, and is unspecified for app types not supported. Look at [Supported Application Identity Types and Schemas](/reference/linking-application-identities-into-abbey/supported-application-identity-types-and-schemas.md) to see a list of custom applications and the structure of each application type.

## Step 3: Use your Imported Identity Data in a Grant Kit

When creating a grant kit, in your output block you can make references to imported application data and Abbey will fill in these references with the data you imported in the above step. For example:

```
{{ .user.github.username }}
```

will resolve to a Github username linked through the API.

Here's an example:

Let's create the output block of a grant kit which uses the application identity data we just imported to grant access to a resource:

```hcl
  output = {
    # Replace with your own path pointing to where you want your access changes to manifest.
    # Path is an RFC 3986 URI, such as `github://{organization}/{repo}/path/to/file.tf`.
    location = "github://organization/repo/access.tf"
    append = <<-EOT
      resource "github_team_membership" "gh_mem_{{ .user.github.username }}" {
        team_id = github_team.test_team.id
        username = "{{ .user.github.username }}"
        role = "member"
      }
    EOT
  }
```

Note that the `username` block will be templated by the Github username we linked in Step 2.

That's it! Now you've imported your application identity information into Abbey.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.abbey.io/reference/linking-application-identities-into-abbey/how-do-i-link-application-identities.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.