Owner API will stop working as vehicles begin requiring end-to-end command authentication in 2024

[itsMeDavidV]

https://github.com/teslamotors/vehicle-command

[itsMeDavidV]

direct quote:

Following the release of Tesla Vehicle Command SDK support for REST API vehicle command endpoints is now reaching end of life. Starting 2024 most vehicles will require sending commands via Tesla Vehicle Command SDK.

The use of Tesla http proxy is recommended for ease of development and to accelerate the transition to Tesla Vehicle Command (via SDK). When applicable, the proxy will transform Rest API HTTP commands into signed commands. Once configured, developers can simply point their application to the proxy without making any code changes to their application.

src: https://developer.tesla.com/docs/fleet-api?shell#fleet-telemetry

[vagh141]

Will most existing apps get approved?

[purcell-lab]

A documented and supported API from Tesla, this is fantastic news!

[GaPhi]

I understand that pre-2021 S and X cars will not be compatible with this new API but will still be with current one.

This should be considered for applications...

Le mer. 11 oct. 2023 à 11:52, Mark Purcell @.***> a écrit :

A documented and supported API from Tesla, this is fantastic news!

— Reply to this email directly, view it on GitHub https://github.com/timdorr/tesla-api/issues/763#issuecomment-1757293605, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADUNWNJPQCU3YD5FJICCZV3X6ZT4ZANCNFSM6AAAAAA53R3RGU . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[itsMeDavidV]

I understand that pre-2021 S and X cars will not be compatible with this new API but will still be with current one.

Hi @GaPhi can you point to where you found this info?

[timdorr]

https://developer.tesla.com/ https://developer.tesla.com/docs/fleet-api

I think we're done here! This will very likely mean the end of this project and usage of the API outside of sanctioned projects. I guess we'll stay tuned as they publish more things.

[itsMeDavidV]

I think we're done here!

end of an era!

[kribensa]

I understand that pre-2021 S and X cars will not be compatible with this new API but will still be with current one.

Hi @GaPhi can you point to where you found this info?

It’s a quote from the last section on the github page https://github.com/teslamotors/vehicle-command

I truly hope it’s a misunderstanding because then there will be two APIs and unless the new one has tantalisingly new functionality, the old/current one will continue to be used to widen the audience

[kribensa]

I understand that pre-2021 S and X cars will not be compatible with this new API but will still be with current one.

I wonder where an older car with the MCU2 upgrade fits into this. Ie is it the MCU version that determines compatibility or other factors?

[itsMeDavidV]

@kribensa thanks, must've missed it.

I truly hope it’s a misunderstanding because then there will be two APIs and unless the new one has tantalisingly new functionality

Unfortunately, it's prob not. Pre-refresh Model S & X don't support VCSEC (eg: no BLE compatibility) and BLE is integrated into a significant portion of the new vehicle-command protocol.

So this:

I wonder where an older car with the MCU2 upgrade fits into this. Ie is it the MCU version that determines compatibility or other factors?

will prob have no effect :/

the old/current one will continue to be used to widen the audience

This prob won't be so bad with the new tesla-http-proxy, but if you skip the proxy entirely and adopt the new vehicle-commands protocol natively then yeah that will be a huge pain.

Hopefully @teslamotors chooses to reverse this decision and support older Model S & X vehicles in vehicle-command

[purcell-lab]

I think we're done here! This will very likely mean the end of this project and usage of the API outside of sanctioned projects. I guess we'll stay tuned as they publish more things.

@timdorr I would like to thank you for all the work you have done bringing the unofficial API to the masses, I know I utilise it's befits every day.

I would also like to think that your work here has helped Tesla bring forward a documented and supported API as they have been able to see the befits of a third party eco system.

[timdorr]

It only took 10 years! (e9a161aef8d1a0b1f328f82e32f5951539fef63d)

[purcell-lab]

It only took 10 years! (e9a161a)

It can take a long time to become an overnight success.

[jonahwh]

Will most existing apps get approved?

I just applied and was immediately rejected. No reason was given.

[Rockster160]

I just applied and was immediately rejected. No reason was given.

That's interesting. I applied and was immediately approved. I didn't select all of the scopes, and I filled out all of the details as a "company".

[purcell-lab]

That's interesting. I applied and was immediately approved. I didn't select all of the scopes, and I filled out all of the details as a "company".

What did you use for your OAuth provider?

[Rockster160]

What did you use for your OAuth provider?

I have a personal web server that I run a bunch of home/life automations on. I do OAuth through that.

[norenz92]

What did you use for your OAuth provider?

I have a personal web server that I run a bunch of home/life automations on. I do OAuth through that.

Do you know if it's possible to get a list of referrals through their API?

[drnic]

Thanks @timdorr and everyone who contributed to the API docs + ruby code over the last decade!!

[drnic]

Perhaps this repo can become a Ruby client only for new API endpoints; new requirements like /vehicle_data?endpoints=location_data;charge_state

[purcell-lab]

Looks like the EV.energy folks have something working already. https://twitter.com/teslaownersSV/status/1724102225579188453?t=Qd7mDeInbR3poLKTL7zHxw&s=19

ChargeHQ also have a working solution now: https://www.tesla.com/_ak/tesla.chargehq.net

[SylvainGa]

Looks like teslafi can be used as a (paid) proxy. Could this be an option for this project to keep living?

[nbosio1001]

I am extremely confused. So is this website being deprecated? https://developer.tesla.com/docs/fleet-api/getting-started/what-is-fleet-api. Is this old? If not, what API is being deprecated? Do you have a link?

[lotharbach]

@nbosio1001 So there are multiple things going on:

Teslas Owner API is not a public API and has never been. Tesla uses it for their own App, but never intended for people to use it as well. Tesla changes this API to whatever they want and need internally without notice. As there was no alternative in the past, Tesla was very tolerant of third party use of the Owner API.

Tesla recognized the need for proper third-party apps and started offering the official Fleet API. It is obvious that unpaid access to that API will have some restrictive limits, but it is at least a stable foundation to build upon. This is the only API that Tesla wants you to use from now on, and now that Fleet API exists it is unlikely the will remain as tolerant to third party use of the Owner API and might take technical measures to block access in the future.

That summarizes the "Owner to Fleet API" transition requirement.

Independent and in parallel to all the above, Tesla recognized sending commands from the internet to a vehicle is very security sensitive if not done right, and implemented "end-to-end command authentication" that uses modern cryptography and requires registering cryptographic keys in the vehicle. They rolled that out and tightened the screws on that step by step but now you should expect any modern Tesla vehicle to enforce command siging. Unsigned commands then can no longer be send to such vehicles in neither API, and that is what Tesla announced as the "Vehicle commands endpoint deprecation timeline" and "Rest API vehicle commands endpoint - deprecation warning" in the Fleet API documentation.

So that is a second additional big change that people need to deal with when they still want to send commands directly to a Tesla vehicle.