Yeah I figured this out in about 10 minutes of getting early access.
What we all seem to be zeroing in on is having the ASK app (using a service hosted somewhere else, ie, your management service in the cloud for your app) create a user account for users of the ASK service, should they need additional info, or keep state, etc.
ASK app gets a request
Lookup user_id in cloud service
If found and registered, continue,
if not found, generate unique code, tell user "go to http://foo.com, enter your code XYZZY, and create an account to use this service"
If found but not registered "remember you must visit ttp://foo.com, enter your code XYZZY, and create an account to use this service"
if found and registered, proceed, saving state in the service for that user, etc.
On the cloud website:
Login or Create Account with Code
Login (normal user/pass for existing users)
Enter code, look it up, if found have them create a user/pass, then take them to whatever form you need for data for your app (for example, doing an OAuth with SmartThings to get access to a REST endpoint.)
Not the cleanest UX, but doable.