Plan Your Integration
There are 3 main steps to integrate Smartcar into your application to make API requests to vehicles:
- Launch Connect to get consent from the vehicle owner
- Fetch an access token
- Make a request to the vehicle
The architecture that’s right for you
Smartcar Connect is Smartcar’s OAuth 2.0 authorization flow. It is your users’ first and only touchpoint with Smartcar. After a user enters the Smartcar Connect flow and authorizes their vehicle(s), your application is able to make requests to the Smartcar API. Those requests allow your application to retrieve information and send commands to the user’s vehicle(s), such as reading the odometer and unlocking the doors.
Depending on your web or mobile application architecture, you can implement the Smartcar Connect flow in different ways.
User launches Connect
Using the Smartcar iOS SDK or the Smartcar Android SDK, your application launches Smartcar Connect in a browser view. The user logs in with the username and password of their vehicle’s connected services account and grants your application access to their vehicle.
User logs in to their vehicle's connected services account
The browser view gets redirected to a special custom-scheme REDIRECT_URI. For more details on how to configure a custom-scheme REDIRECT_URI, see our API reference.
Smartcar redirects the user back to your application
Once the user has completed the Smartcar Connect flow, the completion handler in the iOS or Android SDK is invoked with the authorization code.
Call your back-end service
Your mobile application sends the authorization code to its back-end service.
Fetch your first tokens
In order to exchange the authorization code for an ACCESS_TOKEN, your application makes a request to the Smartcar API. This request must contain the authorization code along with your application’s CLIENT_ID and CLIENT_SECRET.
Store your tokens
In response, Smartcar returns an ACCESS_TOKEN and a REFRESH_TOKEN. These should be stored in your application’s database.
Make an API request
Using the ACCESS_TOKEN, your application can now make API requests to the user’s vehicle.
User launches Connect
Using the Smartcar iOS SDK or the Smartcar Android SDK, your application launches Smartcar Connect in a browser view. The user logs in with the username and password of their vehicle’s connected services account and grants your application access to their vehicle.
User logs in to their vehicle's connected services account
The browser view gets redirected to a special custom-scheme REDIRECT_URI. For more details on how to configure a custom-scheme REDIRECT_URI, see our API reference.
Smartcar redirects the user back to your application
Once the user has completed the Smartcar Connect flow, the completion handler in the iOS or Android SDK is invoked with the authorization code.
Call your back-end service
Your mobile application sends the authorization code to its back-end service.
Fetch your first tokens
In order to exchange the authorization code for an ACCESS_TOKEN, your application makes a request to the Smartcar API. This request must contain the authorization code along with your application’s CLIENT_ID and CLIENT_SECRET.
Store your tokens
In response, Smartcar returns an ACCESS_TOKEN and a REFRESH_TOKEN. These should be stored in your application’s database.
Make an API request
Using the ACCESS_TOKEN, your application can now make API requests to the user’s vehicle.
User launches Connect
Using the Smartcar JavaScript SDK, your application launches Smartcar Connect in a pop-up window. The user logs in with the username and password of their vehicle’s connected services account and grants your application access to their vehicle. If you are interested in building a web application that uses Node for API access, check out our starter applications on Github.
User logs in to their vehicle's connected services account
The user’s browser gets redirected to a special Smartcar-hosted REDIRECT_URI. For more details on how to configure a Smartcar-hosted REDIRECT_URI, see our API reference.
Smartcar redirects the user back to your application
Once the user has completed the Smartcar Connect flow, the onComplete callback in the JavaScript SDK is invoked with the authorization code.
Call your back-end service
Your application front end sends the authorization code to its back-end service.
Fetch your first tokens
In order to exchange the authorization code for an ACCESS_TOKEN, your application makes a request to the Smartcar API. This request must contain the authorization code along with your application’s CLIENT_ID and CLIENT_SECRET.
Store your tokens
In response, Smartcar returns an ACCESS_TOKEN and a REFRESH_TOKEN. These should be stored in your application’s database.
Make an API request
Using the ACCESS_TOKEN, your application can now make API requests to the user’s vehicle.
User launches Connect
You can use your preferred language framework for a server-side setup as long as you use OAuth2 Retrieval protocol. In this case:
- Your application redirects the user’s browser to Smartcar Connect.
- The user logs in with the username and password of their vehicle’s connected services account.
- The user grants your application access to their vehicle.
Smartcar redirects the user back to your application
The Smartcar Connect flow is now complete and the user’s browser gets redirected to a specified REDIRECT_URI. Your application’s server, which is listening at the REDIRECT_URI, retrieves the authorization code from query parameters in the REDIRECT_URI.
Fetch your first tokens
In order to exchange the authorization code for an ACCESS_TOKEN, your application makes a request to the Smartcar API. This request must contain the authorization code along with your application’s CLIENT_ID and CLIENT_SECRET.
Store your tokens
In response, Smartcar returns an ACCESS_TOKEN and a REFRESH_TOKEN. These should be stored in your application’s database.
Make an API request
Using the ACCESS_TOKEN, your application can now make API requests to the user’s vehicle.
Let’s get building
Now you have an idea of how Smartcar works, take a look at one of our Getting Started guides in the tutorials section to get connected to a vehicle.