timdorr / tesla-api

🚘 A Ruby gem and unofficial documentation of Tesla's JSON API for the Model S, 3, X, and Y.
https://tesla-api.timdorr.com/
MIT License

403 status code on http://auth.tesla.com/oauth2/v3/authorize.. after entering email #744

Closed itsMeDavidV closed 1 year ago

itsMeDavidV commented 1 year ago

Over the last 2 days an increasing number of users are reporting getting access denied (403) responses after entering their email when trying to sign in via http://auth.tesla.com/oauth2/v3/authorize

Context: on a mobile Safari web browser (so JavaScript & captcha issues mentioned in other places/issues are not relevant), user-agent: Mozilla

Common response:

Access Denied
You don't have permission to access "http://auth.tesla.com/oauth2/v3/authorize?" on this server.
Reference #18.401. . . 

I cannot reproduce this issue myself under the same parameters and most users are not experiencing this under the same parameters. It would seem as though these users might be randomly blocked?

Rate-limiting doesn't seem to be a factor as most affected users got 403 on first try.

All are able to sign in to tesla.com. Some have corrected the issue by switching connections (e.g., WiFi -> Cellular). Some have been able to obtain tokens on their own using the same connection.

Unfortunately this is completely unexplained at the moment.

itsMeDavidV commented 1 year ago

Additionally, it appears the Tesla app is using a new GET param: is_in_app=true and uses a new value for scope: openid email offline_access phone