Skip to main content

Documentation Index

Fetch the complete documentation index at: https://smartcar.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

To make requests to the Smartcar API, you first need to obtain an access token. This guide walks you through the process of getting the authorization code and exchanging it for an access token for the first time.
1

1. Launch Smartcar Connect

Direct your user to the Smartcar Connect URL. The user will:
  • Select their vehicle brand
  • Log in with their connected services account
  • Approve the requested permissions
After successful authorization, Smartcar will redirect the user to your application’s redirect_uri with an authorization code as a query parameter.
2

2. Handle the Redirect and Extract the Code

Your application should listen for requests to the redirect_uri. When Smartcar redirects the user, extract the code parameter from the query string. Example redirect:
https://your-app.com/callback?code=AUTH_CODE&state=STATE
3

3. Exchange the Code for an Access Token

Use the authorization code to request an access token and refresh token from Smartcar’s OAuth token endpoint.Here is an example using the Smartcar Node.js SDK:
const smartcar = require('smartcar'); //Smartcar backend Node SDK

const client = new smartcar.AuthClient({
  clientId: 'YOUR_CLIENT_ID',
  clientSecret: 'YOUR_CLIENT_SECRET',
  redirectUri: 'YOUR_REDIRECT_URI',
});

const tokens = await client.exchangeCode('AUTH_CODE'); //'AUTH_CODE' is extracted from the URL query parameter
The returned tokens object includes accessToken and refreshToken strings, plus expiration and refreshExpiration as Date objects. Store these securely in your backend database. The access token expires after two hours, and the refresh token expires after 60 days.

What’s Next