The initial authentication process is via an OAuth 2.0 Password Grant with the same credentials used for tesla.com and the mobile apps.
The current client ID and secret are available here.
You will get back an access_token which is treated as an OAuth 2.0 Bearer Token. This token is passed along in an Authorization header with all future requests:

Authorization: Bearer {access_token}

The access token has a 45-day expiration.

| Field | Type | Example | Description |
| --- | --- | --- | --- |
| grant_type | String, required | password | The type of OAuth grant. Always "password" |
| client_id | String, required | abc | The OAuth client ID |
| client_secret | String, required | 123 | The OAuth client secret |
| email | String, required | elon@teslamotors.com | The email for the authenticating Tesla account |
| password | String, required | edisonsux | The password for the authenticating Tesla account |

{"grant_type": "password","client_id": "abc","client_secret": "123","email": "elon@teslamotors.com","password": "edisonsux"}
{"access_token": "abc123","token_type": "bearer","expires_in": 3888000,"refresh_token": "cba321","created_at": 1538359034}

You can use the refresh_token from the Password Grant to do an OAuth 2.0 Refresh Token Grant and obtain a new access token. Note: This will invalidate the previous access token.

| Field | Type | Example | Description |
| --- | --- | --- | --- |
| grant_type | String, required | refresh_token | The type of OAuth grant. Always "refresh_token" |
| client_id | String, required | abc | The OAuth client ID |
| client_secret | String, required | 123 | The OAuth client secret |
| refresh_token | String, required | cba321 | The refresh token returned from a previous token request. |

{"grant_type": "refresh_token","client_id": "abc","client_secret": "123","refresh_token": "cba321"}
{"access_token": "abc123","token_type": "bearer","expires_in": 3888000,"refresh_token": "cba321","created_at": 1538359034}
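
An added example, not part of the original page: client-side handling of the token response shown above, covering expiry tracking from created_at and expires_in, building the Authorization header, and building the Refresh Token Grant body. The Token class and REFRESH_MARGIN are assumptions made for illustration, and no network call is made because the page gives no endpoint.

```python
import json
from dataclasses import dataclass, field

REFRESH_MARGIN = 24 * 3600  # assumption: refresh one day before expiry


@dataclass
class Token:
    # repr=False keeps both secrets out of repr(), tracebacks and log lines
    access_token: str = field(repr=False)
    refresh_token: str = field(repr=False)
    created_at: int   # Unix time the token was issued
    expires_in: int   # lifetime in seconds (3888000 s = 45 days)

    @classmethod
    def from_response(cls, body: str) -> "Token":
        data = json.loads(body)
        if data.get("token_type", "").lower() != "bearer":
            raise ValueError("unexpected token_type")
        return cls(data["access_token"], data["refresh_token"],
                   int(data["created_at"]), int(data["expires_in"]))

    @property
    def expires_at(self) -> int:
        return self.created_at + self.expires_in

    def needs_refresh(self, now: int) -> bool:
        return now >= self.expires_at - REFRESH_MARGIN

    def auth_header(self, now: int) -> dict:
        # Fail locally instead of sending a token the server will reject
        if now >= self.expires_at:
            raise PermissionError("access token expired; refresh first")
        return {"Authorization": f"Bearer {self.access_token}"}

    def refresh_request(self, client_id: str, client_secret: str) -> dict:
        return {"grant_type": "refresh_token", "client_id": client_id,
                "client_secret": client_secret,
                "refresh_token": self.refresh_token}


# Sample response copied from the page
SAMPLE = ('{"access_token": "abc123","token_type": "bearer","expires_in": 3888000,'
          '"refresh_token": "cba321","created_at": 1538359034}')

if __name__ == "__main__":
    tok = Token.from_response(SAMPLE)
    print(tok, "expires at", tok.expires_at)
```

Because a refresh invalidates the previous access token, replace the stored Token with the one parsed from the refresh response rather than keeping both.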