Generate V3 Refresh Token for API Authentication

[MrTemple]

Tesla has changed how they do authentication (referred to now as v3). Every app and site that uses the API has to be updated.

And if you don't want to give apps/sites your Tesla.com credentials (which you shouldn't, no matter how much you trust them, because they can always be hacked with a harvester), then you need to generate a special token the apps/sites can use to talk to the Tesla scripting API.

This is like a 'valet key' for the scripting interface, giving the 3rd party very limited access to just the features they need.

Here's a working PHP script to locally generate your V3 Refresh Token.

**Working** PHP to Generate Refresh Token (Steps 1-4) · Discussion #288 · timdorr/tesla-api

Confirmed to work with TeslaFI.com (which has already been updated to support the new authentication).

 

[Ostrichsak]

Tesla has changed how they do authentication (referred to now as v3). Every app and site that uses the API has to be updated.

And if you don't want to give apps/sites your Tesla.com credentials (which you shouldn't, no matter how much you trust them, because they can always be hacked with a harvester), then you need to generate a special token the apps/sites can use to talk to the Tesla scripting API.

This is like a 'valet key' for the scripting interface, giving the 3rd party very limited access to just the features they need.

Here's a working PHP script to locally generate your V3 Refresh Token.

**Working** PHP to Generate Refresh Token (Steps 1-4) · Discussion #288 · timdorr/tesla-api

Confirmed to work with TeslaFI.com (which has already been updated to support the new authentication).

Thanks for doing this. Very useful for those who wish to use 3rd party apps w/o surrendering their login and password.

 

[insaneoctane]

Looking for powershell snippet that handles authentication if anyone is sharing

 

[FlyPetitPrince]

Tesla has changed how they do authentication (referred to now as v3).
{...}
Here's a working PHP script to locally generate your V3 Refresh Token.

Thanks, Thanks, and MILLION THANKS @MrTemple !!!
EDIT: I do confirm it's fully working on TeslaFi as well as ABRP

QUESTION: does it also work with double authentication ?

Fly

 

[FlyPetitPrince]

Hello,

It's unfortunately not working anymore...

array(2) {
["response"]=>
string(17) "invalid_sso_token"
["refresh_token"]=>
NULL
}

Does anybody know how to generate a Token on MAC with a similar method or could the script be updated ?
Thanks,
Fly

 

[tjbonzo]

Hello,

It's unfortunately not working anymore...

array(2) {
["response"]=>
string(17) "invalid_sso_token"
["refresh_token"]=>
NULL
}

Does anybody know how to generate a Token on MAC with a similar method or could the script be updated ?
Thanks,
Fly

Getting (mostly) the same message (along with some notices).

$ php /home/bob/bin/tesla.php PHP Notice: Undefined offset: 1 in /home/bob/bin/tesla.php on line 323 PHP Notice: Trying to access array offset on value of type null in /home/bob/bin/tesla.php on line 350 PHP Notice: Trying to access array offset on value of type null in /home/bob/bin/tesla.php on line 351 PHP Notice: Undefined index: access_token in /home/bob/bin/tesla.php on line 375 array(2) { ["response"]=> string(17) "invalid_sso_token" ["refresh_token"]=> NULL } 323: $code= explode('&',explode('https://auth.tesla.com/void/callback?code=',$apiResult)[1])[0]; 350: $BearerToken = $apiResultJson['access_token']; 351: $RefreshToken = $apiResultJson['refresh_token']; 375: $this->accessToken = $apiResultJson['access_token'];

 

[tjbonzo]

Not much help with this PHP script, but I was able to get the python script at teslascope/tokens to work.

 

[FlyPetitPrince]

I found the iPhone App which works like a charm if it may helps some of you --> ‎Auth app for Tesla

 

[morphine]

Watching this thread, need to fix my php script

 

[morphine]

I found the iPhone App which works like a charm if it may helps some of you --> ‎Auth app for Tesla

Thanks for this, at least a workaround to create the token file again

 

[Spectra207]

I'm looking to generate my own token to avoid providing credentials to any third-party and I've seen mention in this thread and elsewhere of the Auth app for iOS. What makes that app any more trustworthy than the third-party app you're ultimately generating the token for? Looking to understand this better.
Thanks

 

[insaneoctane]

Bumping this thread almost one year later to see if anyone has newer solution(s)?

 

[gnuarm]

God! Sometimes I feel like a complete dinosaur. If Tesla requires the use of "tokens" to authenticate access to your car, why is it there is not a means of generating tokens that doesn't require downloading scripts from unknown sources? In other words, WTF???!!!

 

[Vipercat]

@gnuarm , Tesla does not require us to use tokens, it’s their mechanism to uplift the security of the communication between the Tesla App and the car after you’ve authenticated. It’s “us” that want to use 3rd party tools/software to connect with the car and/or access data from the car which Tesla doesn’t want us to do. Now one could argue whether or not Tesla should allow us to do that or not. We bought the car, so It’s ours, right? I won’t pick a side on this one though.

 

[gnuarm]

I figured out my problem. I was trying to use ABRP on the web and could not figure out how to log into the car. Turns out they no longer allow password access to the car through the web. You have to log into the car through the phone app. The app generates a token which it shares with the web page.

One of the things I hate about ABRP is the near total lack of documentation or useful help in the tool. I might spend as much time trying to figure out how to use it or deal with the updates since I last used it as I do actually using it to plan trips. Reminds me of my car.

This is far too much work. If this is what driving is going to be like in the future, I might just start taking cabs.

Now, time to plan that trip!