Good question. One option could be to grab the access token when a user installs the app. You can JWT decode this to determine which user/account it belongs to. You can see my post here for more details on this approach (different topic, but decoding the access token is still relevant):