otonomo-docs

Test Drive Vehicle Data from Otonomo

Our connected car data is now accessible for developers

Authorization

Otonomo's newly developed and incorporated authorization flow guarantees applications run securely and offer drivers full control over the data they share.

Otonomo's Platform is managed through an OAuth2 framework and was designed to allow Service Providers the ability to interact with vehicles using Otonomo's API.

Based on the data requested, different tokens are utilized to ensure proper authentication is done. Here are the two types of tokens:

Workspace Access Token

This token is used to access Aggregate data and Fleet data.

Request

The Workspace Access Token can be fetched by using the following header in the API request:

Header

Description

content_type

application/x-www-form-urlencoded

The request body parameters should be provided in the format described within the header and should consist of the following:

Parameter

Description

grant_type

Always "client_credentials".

client_id

Your identification string - Read more here

client_secret

The client password - Read more here

service

The Service ID - Read more here

📘

FYI

To get your client_id , client_secret and service ID Read here

Request

The request below is for an account which was created in https://market.otonomo.io/:

curl -X POST \
  https://api.otonomo.io/v1/oauth/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'client_id=FhiDWkmn5j7vghfgherVDlkdeABC&client_secret=NHeN4UqVsohGS55I7LBdhFGqA&grant_type=client_credentials&service=MyService'

The request below is for an account which was created in https://market.eu.otonomo.io/:

curl -X POST \
  https://api.eu.otonomo.io/v1/oauth/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'client_id=FhiDWkmn5j7vghfgherVDlkdeABC&client_secret=NHeN4UqVsohGS55I7LBdhFGqA&grant_type=client_credentials&service=MyService'

Response

The response will include an access token.

{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5UTkZORGxHT0VJeE5qZzNNVUkxUmpJMVJUZEJPRE15UlVVM05VTTJOa1ZETjBNNU1URTVOUSJ9.eyJodHRwczovL290b25vbW8uaW8vbmFtZSI6Im90b0FwcHMiLCJodHRwczovL290b25vbW8uaW8vdXNlcl90eXBlIjoidG9ub21vLmlvL3ZlbmRvciI6Im90b0FwcHMiLCJpc3MiOiJodHRwczovL2F1dGgub3Rvbm9tb",
  "expires_in": 86400,
  "token_type": "Bearer"
}

📘

Workspace Access Token expiration

Please note that within the response body you have the time (in seconds) until the token's expiration

Use this token as a header within each API request. The header title should be "authorization" and the value is the access token string preceded by the word "Bearer".

Below is an example:

Header

Description

authorization

Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5UTkZORGxHT0VJeE5qZzNNVUkxUmpJMVJUZEJPRE15UlVVM05VTTJOa1ZETjBNNU1URTVOUSJ9.eyJodHRwczovL290b25vbW8uaW8vbmFtZSI6Im90b0FwcHMiLCJodHRwczovL290b25vbW8uaW8vdXNlcl90eXBlIjoidG9ub21vLmlvL3ZlbmRvciI6Im90b0FwcHMiLCJpc3MiOiJodHRwczovL2F1dGgub3Rvbm9tb

Read more about Workspace Access Token here

Driver Access Token

Driver Access Token is required for obtaining Personal data - private ownership. Please refer to Obtaining Driver Consent

Updated 3 months ago

Authorization


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.