A Node.js API that handles Tesla's OAuth 2.0 authentication flow with PKCE (Proof Key for Code Exchange) support. This API provides endpoints to generate authentication URLs, handle login callbacks, and refresh access tokens for Tesla's authentication system.
- OAuth 2.0 authentication flow with PKCE
- Secure token generation and handling
- Access token refresh functionality
- Type-safe implementation using TypeScript
- Clone the repository
- Install dependencies:
npm installThe API uses environment variables for configuration. Create a .env file in the root directory with the following variables:
PORT=3000GET /auth/urlGenerates a Tesla authentication URL with PKCE challenge.
Response
{
"success": true,
"url": "https://auth.tesla.com/oauth2/v3/authorize?...",
"code_verifier": "random_string",
"code_challenge": "hashed_challenge",
"state": "random_state"
}POST /auth/loginRequest Body
{
"webUrl": "https://auth.tesla.com/void/callback?code=...",
"codeVerifier": "previously_generated_code_verifier"
}Response
{
"success": true,
"message": {
"access_token": "tesla_access_token",
"refresh_token": "tesla_refresh_token",
"expires_in": 28800,
"created_at": 1640995200
}
}POST /auth/refreshRequest Body
{
"refreshToken": "tesla_refresh_token"
}Response
{
"success": true,
"message": {
"access_token": "new_tesla_access_token",
"refresh_token": "new_tesla_refresh_token",
"expires_in": 28800,
"created_at": 1640995200
}
}-
Generate Authentication URL
- Call
/auth/urlto get a Tesla authentication URL - Store the returned
code_verifiersecurely - Redirect user to the returned
url
- Call
-
Handle Login
- After user authenticates, Tesla redirects to callback URL
- Send the callback URL and stored
code_verifierto/auth/login - Store the returned tokens securely
-
Token Refresh
- When access token expires, use
/auth/refreshwith refresh token - Update stored tokens with new values
- When access token expires, use
The API returns consistent error responses:
{
"success": false,
"message": "Error description"
}MIT