To get started, register your application with Smartcar by navigating to our dashboard.

After registration, your application will be assigned a CLIENT_ID and a CLIENT_SECRET. The CLIENT_SECRET must be kept safe and used only in exchanges between your application’s server and Smartcar’s authorization server.

Redirect URIs

To authorize with Smartcar, you’ll need to provide one or more redirect URIs. The user will be redirected to the specified URI upon authorization. On redirect, the URI will contain an authorization code query parameter that must be exchanged with Smartcar’s authorization server for an ACCESS_TOKEN.

The redirect URIs must match one of the following formats:

HTTPa localhost URI with protocol http://http://localhost:8000
HTTPSa URI with protocol https://
JavaScript SDK{localhost-or-HTTPS-origin}
HTTP is allowed only for testing purposes on localhost

Javascript SDK

The JavaScript SDK redirect is used along with the JavaScript SDK library. For more details and examples on the redirect usage, see the SDK documentation.


Custom-scheme URIs are used for mobile applications. They must begin with sc and can have an optional path or TLD. See the OAuth reference on redirect URIs.