Authentication

How to authenticate using your DIMO Developer License.

What is JWT?

A JWT (JSON Web Token) is a short piece of text that safely carries information between computers, like from an app to an API. It is digitally signed, so no one can change its contents without being detected.

Authenticating your DIMO Developer License

Authentication with DIMO starts off with obtaining a Developer JWT, proving that you are who you say you are. Once you have a Developer JWT, you then attempt a Token Exchange to get a Vehicle JWT for a specific vehicle in order to access vehicle data.

JWT Type	What It Does	Security Purpose
Developer JWT	Allows general access to DIMO APIs for a longer period of time	No access to vehicle data; keeps general platform open but protected
Vehicle JWT	Grants access to a specific vehicle’s data for a short time	Data access is very limited in time and only for one vehicle; protects sensitive info

How It Works

1

Prerequisites

You will need your Client ID, Redirect URI, and API Key to get your Developer JWT.

2

Getting Your Developer JWT

There are two ways that this can be done in the Developer Console:

• Use the system generated Developer JWT without using an API key
  
• Generate a new Developer JWT using an API key, learn more about fetching a Developer JWT using server SDKs.

3

Using Your Developer JWT

Test using your Developer JWT by interacting with one of our APIs that's secured by a Developer JWT, for example: Vehicle Triggers API.

Try it out

Test Using Your Developer JWT

GET

JWT Token

API Endpoint

4

Fetching a Vehicle JWT

When you have a vehicle available, attempt to get a Vehicle JWT by sending a request to the Token Exchange API.

Developer Notes

You will need to have a vehicle shared with you in order to fetch a Vehicle JWT. Learn more about vehicle sharing using DIMO Connect.

Try it out

Exchange Developer JWT for a Vehicle JWT

POST

JWT Token

API Endpoint

Request Parameters

Vehicle Token ID

Permissions RequestedAll-time, non-location dataCommandsCurrent locationAll-time locationView VIN credentialsLive data streamsRaw dataApproximate location

Select one or more by clicking while holding down Command (⌘ on a Mac) or Ctrl (PC)

Request Body

{
  "nftContractAddress": "0xbA5738a18d83D41847dfFbDC6101d37C69c9B0cF"
}

5

Using a Vehicle JWT

Use your Vehicle JWT in Telemetry API.

Try it out

Simply copy and paste this following header & query while replacing <yourVehicleJwt> and <vehicleTokenId>:

{ "Authorization": "<yourVehicleJwt>" }

query GetAvailable {
  availableSignals(
    tokenId: <vehicleTokenId>
  )
}