Setting up your own Model 3 “keyfob” – using a IoT Button

Some time ago, I talked about my Tesla Model 3 “keyfob” which essentially uses a Amazon IoT button to call some of Tesla API’s and “talk” to the car. This for me, is cool as it allows my daughter to unlock, and lock the car at home. And of course it is a bit geeky, and allowing one to play with more things. 🙂

Since publishing this, I was surprised how many of you ping me asking on details on how they can did this for themselves. Given the level of interest, I thought I will document this and outline the steps here. I do have to warn you, that this would be a little long – it entails getting a IoT Button configured, and then the code deployed. Before you get started, and if you aren’t techy, I would recommend to go through the post completely, so you get a sense of what is needed.

At a high level, below are the steps that you need to go through to get this working. And this might seem cumbersome and a lot but it is not that difficult. Also if you prefer you can follow the official AWS documentation online here.

  1. Create a AWS Login (if you have a existing Amazon.com login, you can use the same one if you prefer)
  2. Order a IoT Button
  3. Register the IoT Button in the AWS Registry (this is done via the AWS console)
  4. Create (and activate) a device certificate
  5. Create a IoT security policy
  6. Attach the IoT security policy (from the previous step) to the device certificate created earlier
  7. Attach the IoT security policy (now with the associated certificate) to the IoT button
  8. Configure the IoT button
  9. Deploy some code – this is done via a server-less function (also called a Lambda function) – this is the code that gets executed
  10. Test and Deploy
  11. Enjoy the Fob! 🙂

Step 1 – Get the IoT Button

Of course you need to get a IoT Button; I got the AWS IoT Button (2nd Generation) which is what I would recommend.

Step 2 – Login to AWS IoT Console

Open AWS home page and login with your amazon.com credentials. Of course if you don’t have a Amazon.com account, then you want to click in sign up on the top right corner, to get this started.

AWS Login

After I login, I see something similar to the screenshot below. Your exact view might differ a little.

AWS Console

I recommend to change the region to one closer to you. To do this, click on the region on the top right corner and choose a region that is physically closest to you. In the longer run this would help with latency issues between you clicking the button and the car responding. For example in my case, Oregon makes most sense.

AWS Region Selection

Once you have a AWS account setup, login to the AWS IoT console or on the AWS page in the previous step, scroll down to IoT Core as shown in the screenshot below.

AWS Console

Step 3 – Register IoT Button

Next step would be to register your IoT button – which of course means you physically have the button with you. The best way to register is to follow the instructions here. I don’t see much sense in trying to replicate that here.

Note: If you are not very technical, or comfortable, it might be best to use either the “AWS IoT Button Dev” app which is available both on the Apple Store (for iOS) and Google play (for Android).

Once you have registered a button (it doesn’t matter what you call it) – it will show up similar to the screenshot below. I only have one device listed.

List of IoT things

Step 4 – Create a Device Certificate

Next, we need to create and activate a certificate for the device. Without this, the button won’t work. The certificate (which is a X.509 certificate) protects the communication between the button and AWS.

For most people, the one-click certification creation that AWS has, is probably the way to go. To get to this, on the AWS IoT console, click on Secure and then choose Certificates on the left if not already selected as shown below. I already have a certificate that you can see in the screenshot below.

Certificates

If you need to create a certificate, click on the Create button on the top right corner, and choose one of the options shown in the image below. In most cases you would want to use the One-click certificate option.

Certificate creation options

NOTE: Once you create a Certificate, you get three files (these are the keys) that you need to download and keep safe. The certificate itself can be downloaded anytime, but the private and the public keys CANNOT be retrieved again after you close this page. It is IMPORTANT that you download these and save them in a safe place.

Certificate Keys

Once you have these downloaded then click on Activate on the bottom. And you should see a different certificate number than what you are seeing here. And don’t worry I have long deleted what you are seeing on this screen. 🙂

You can also see these in the developer guide on AWS documentation.

Step 5 – Create a IoT Security Policy

Next step is go back to the AWS IoT Console page and click on Policies under Security. This is used to create a IoT policy that you will need to attach to the certificate. Once you have a policy created, then it will look something like the screenshot below.

IoT Policies

To create a policy, click on Create (or you might be prompted automatically if you don’t have one). On the create screen, in the Name you can enter anything that you prefer. I would suggest naming this something that you can remember and differentiate if you will have more than one button. In my case I named it as the same thing as my device.

  • In the policy statements for Action enter “iot:Connect” – without the quotes, but this is case sensitive so make sure you match is exactly.
  • For the Resource ARN enter “*” (again without the quotes) as shown below.
  • And finally for the effect, make sure “Allow” is checked.
  • And click on Create at the bottom.
IoT Policy Creation

After this is created this you will see the policies listed as shown below. You can see the new one we just created with “WhateverNameYouWillRecognize“. You can also see these and more details on the developer documentation – Create a AWS IoT Policy.

IoT Policies

Step 6 – Attach a IoT Policy

Next step is to attach the policy that is just created to the certificate created earlier. To do that, click on Secure and Certificates on the left, and then click on the three dots (called ellipses) on the top right of the Certificate you created earlier. From the new menu that you get, choose “Attach Policy” as shown below.

Attach Policy to Certificate

From the resulting menu, select the policy that you had created earlier and select Attach. Using a sensible name that you would recognize would be helpful. You can also see these details on the developer documentation.

Attach Policy to Certificate

Step 7 – Attach Certificate to IoT Device

Next step is to attach the certificate to the IoT device (or thing). A device must have a certificate, a private key and a root CA certificate to authenticate with AWS. Amazon also recommends to attach a device certificate to the device – this probably isn’t helpful right now, but might be in the future if you start playing with this more.

To do this, select the certificate under Security on the left, and same as the previous step, by click on the three dots on the top right corner, select “Attach thing”.

Attach Certificate

And from the next screen select the IoT button that you registered earlier, and select “Attach”.

Attach Certificate

Step 8 – Configure IoT Button

To validate that everything is setup correctly – the certificate needs to be associated with a policy, and a thing (the IoT button in our case). So on the Certificates menu on the left, select your certificate by clicking on it (not the three dots this time – but rather the name). You will see a new screen that shows the details of the certificate as shown below.

Certificate Details

And on the new menu on the left, if you click on Policies you should see the policy you created, and the Things should have the IoT button you created earlier.

Once all of this is done the next step is to configure the device. You can see more detailed steps on this on the developer guide here.

  • KEY TIP: The documentation doesn’t make it too obvious, but as part of configuring – the device (IoT Button) will become an access point that you will need to connect to and upload the certificates and key you created earlier. You cannot do this from a phone and it is best done from a desktop/laptop that has wifi network. Whilst these days all laptops will have a wifi network card, that isn’t necessarily true for desktops. So use a machine which has a wifi that you can temporarily connect to the access point that the IoT device creates.
  • Note this is only needed for getting the device configured to authenticate for AWS, and get on your Wifi network; once that is done you don’t need to do this.
  • Once you have configured the device as outlined (https://docs.aws.amazon.com/iot/latest/developerguide/configure-iot.html) then continue to the next step.

Step 9 – Deploy some code

At last we are starting to get the interesting part – a lot of what we were doing until now, was getting the button configured and ready.

Now that you have a IoT button configured and registered, the next step is to deploy some code. For this you need to setup a Lambda function using the AWS Lambda Console.

When you login, click on Create Function. On the Create function screen, choose the Blueprints option as shown below. You can see some of these in the developer documentation here.

Create Function screen

Step 10 – Blueprint Search

On the Blueprints search box (which says Filters by tags), type in “button” (without quotes) and press enter. You should see an option called “iot-button-email” as shown below, select that and click configure on the bottom right corner.

IoT Button filter

Step 11 – Basic Information

On the next screen that says “Basic information”, enter the details as shown below. The names should be meaningful for you to remember. Roles can be reused across other areas, for now you can use a simple name something like “unlockCar” or “unlockCarSomeName” if you have more than one vehicle. The policy template should already be populated and you shouldn’t need to do anything else.

Function basic information

For the 2nd half – AWS IoT Trigger, select the IoT type as “IoT Button” and enter your device serial number as outlined in the screenshot below.

IoT Trigger

It won’t hurt to download these certificate and keys in addition to the ones created separately and save them in different folders. And for the Lambda function code, it doesn’t matter on the template code as we will be deleting it all. At this point that will be read-only and you won’t be able to modify anything – as shown in the screen shot below.

Lambda function

And finally scrolling down more, you will see the environment variables. Here is where you need to specify your Tesla credentials to it to be able to use create the token and call the Tesla API. For that you need the following two variables: TESLA_EMAIL and TESLA_PASS. These case sensitive so you need to enter them as is. And then finally click on Create function.

Environment Variables

Step 12 – Code upload

Once you create a function, you will see something like the screen below. In my case the function is called “unlockSquirty” which is what you are seeing. This is divided in to two parts – when on the Configuration page. The top part is the designer that visually shows you what inputs are the triggers that execute the function, and then what it outputs to on the right hand side.  And below the designer is the editor where one can edit the code inline or upload a zip file with the code.

In the function code section, on the first drop down in the left (Code entry type) select upload a .zip file.

And on the next screen upload the function package that you can download from here.

  • Make sure the Runtime is Node.js 8.10
  • Keep the Handler as the default.
  • Double check your Environment variable contain TESLA_EMAIL, and TESLA_PASS.

And scroll down and in the Basic settings, change the timeout to 1 minute. We run thus asynchronously and adding a little buffer would be better. You can leave all the other settings at their default. If your network might be iffy you can make this 2 mins.

Environment Settings

Step 13 – Code Publish

Once you have entered all of this, click on Save on the top right corner and then publish new version. Finally once it is published you will be able to see the code show up as shown in the screenshot below.

Again, a single click will unlock the car, a double-click would lock it, and a long press (holding it for 2-3 seconds) would open the charge port door.

And here is the code:

 var tjs = require('teslajs');

 var username = process.env.TESLA_EMAIL;
 var password = process.env.TESLA_PASS;

 exports.handler = (event, context, callback) => 
 {
  tjs.loginAsync(username, password).done(function(result) 
  {
   var token = JSON.stringify(result.authToken);
   if (token)
    console.log("Login Succesful!");

   var options = 
   {
    authToken: result.authToken
   };

   tjs.vehicleAsync(options).done(function(vehicle) 
   {
    console.log("Vehicle " + vehicle.vin + " is: " + vehicle.state);
    var options = 
    {
     authToken: result.authToken,
     vehicleID: vehicle.id_s
    };

    if(event.clickType == "SINGLE")
    {
     console.log("Single click, attempting to UNLOCK");
     tjs.doorUnlockAsync(options).done(function(unlockResult) 
     {
      console.log("Doors are now UNLOCKED");
     });
    }
    else if(event.clickType == "DOUBLE")
    {
     console.log("Double click, attempting to LOCK");
     tjs.doorLockAsync(options).done(function(lockResults) {
      console.log("Doors are now LOCKED");
     });              
    }
    else if(event.clickType == "LONG")
    {
     console.log("Long click, attempting to CHARGE PORT");
     tjs.openChargePortAsync(options).done(function(openResult) {
      console.log("Charge port is now OPEN");
     });              
    }    
   });
  });
 };

IoT Button – Lambda Function package to unlock Tesla

Lambda function package that executes when a IoT button is pressed, essentially making the IoT Button as a “key fob” for a Tesla. Quite handy for a Model 3, which as of this writing does not have a key fob. You can see this post for an example and more details.

The zip file contains the lambda function package and the dependencies (internally it calls the TeslaJS library to make the Tesla API calls to talk to the car). You don’t need to unzip this, but you can upload this as a zip file to a AWS lambda console that you configure to do actions against the IoT button.

Note:

  • This is not the asynchronous version of the API call – which means it make a blocking call – which in our use case isn’t necessarily a bad thing.
  • If the car is sleeping, executing this one, wakes it up but does not execute the function/code you were trying; and then a second time (now that the car is awake) would execute it. For example in the morning, to unlock the car, we need to press the button twice, but not in quick succession. The second one, once we know the car is awake.

Tesla .ssq file?

Tonight, I was a large download by the car, and saw that it was a .ssq file? The file name is consistent with the firmware naming convention, but I am not sure on what it is. The file itself is 5.11 GB, and in my case its name starts with “NA”. I am guessing, this might be the maps its updating.

Below are a couple of screenshots showing this. I am trying to make sense of the binary file, but not making much headway.

Curious, anyone has any ideas?

Tesla debug/diagnostic screens

I don’t know how to get to debug / dev mode on a Tesla, but did come across this old post, on how someone was in a test drive, which did  have this mode.

Now this is quite old, so a lot has changed, but am impressed that a lot of the components and foundational architecture was setup. I am particularly impressed how each cell in the battery pack and report its state. The BMS that you see is the Battery Management System – that firmware is separate from the car’s firmware.

Tesla diagnostic screen

You can see more photos and geek out online here.

And of course if you really want to geek out, then check out su-tesla, where Hemera has really has gone to party. I don’t know how to do this, and I have a lot of respect for Hemera to do this – she has a lot of guts. Also not sure what the wife would think about it and kick me out. Maybe. 🙂

I am curious though, if those ‘custom’ Ethernet connectors are M12 connectors (PDF) which are quite standard in some industries. Even Amazon sells cables for them.

And finally, from a more (relatively) recent update, the AutoPilot has a tremendous amount of data. As reported here, and you can see on the video below, the volume of data is massive, and quite interesting. For example, what decides there are 4 virtual lanes? The car below is a US car (the country code 840 is a ISO 3166 code).

Tesla voice command list

As I was trying to understand more on the capabilities of the car, and what options I can do. The voice recognition on the car is quite impressive, it does seem as good at understanding as Amazon’s Echo, at least in the early days of “Alexa” (but that is a different story for another time).

I was trying to understand what things can I control, or the options one has via the voice. I am still not used to it, and keep forgetting, that is a option especially when driving. As of the v8 firmware series, the following are the choices that work for voice. Credit to Ingineer for discovering the full list when hacking the car.

The options in English are listed below, and this is missing the “ho ho ho” Easter egg and also the “cancel navigation” command.

"voice_command_list" : [
"command_type" : "navigate",
"description" : "drive to",
"description" : "drive 2",
"description" : "dr to",
"description" : "dr 2",
"description" : "drive",
"description" : "dr",
"description" : "navigate to",
"description" : "navigate 2",
"description" : "navigate",
"description" : "where is",
"description" : "take me to",
"description" : "take me 2",
"description" : "take me",

"command_type" : "call",
"description" : "call",
"description" : "dial",
"description" : "phone",

"command_type" : "note",
"description" : "note",
"description" : "report",
"description" : "bug note",
"description" : "bug report",

"command_type" : "play",
"description" : "play",
"description" : "plays",
"description" : "listen to",
"description" : "listens to",
"description" : "listen 2",
"description" : "listens 2"
]

And if you are keen to know, these are stored as a json file internally, and the fill list here here:

{
    "voice_command_list" : [
        {
            "command_type" : "navigate",
            "description" : "drive to",
            "command_regexp" : "^drive to\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "drive 2",
            "command_regexp" : "^drive 2\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "dr to",
            "command_regexp" : "^dr to\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "dr 2",
            "command_regexp" : "^dr 2\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "drive",
            "command_regexp" : "^drive\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "dr",
            "command_regexp" : "^dr\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "navigate to",
            "command_regexp" : "^navigate to\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "navigate 2",
            "command_regexp" : "^navigate 2\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "navigate",
            "command_regexp" : "^navigate\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "where is",
            "command_regexp" : "^where is\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "take me to",
            "command_regexp" : "^take me to\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "take me 2",
            "command_regexp" : "^take me 2\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "take me",
            "command_regexp" : "^take me\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "naviguer à",
            "command_regexp" : "^naviguer à\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "naviguer au",
            "command_regexp" : "^naviguer au\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "aller à",
            "command_regexp" : "^aller à\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "aller au",
            "command_regexp" : "^aller au\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "nach navigieren",
            "command_regexp" : "^nach\\b(.*)\\bnavigieren$"
        },
        {
            "command_type" : "navigate",
            "description" : "zur navigieren",
            "command_regexp" : "^zur\\b(.*)\\bnavigieren$"
        },
        {
            "command_type" : "navigate",
            "description" : "zu navigieren",
            "command_regexp" : "^zu\\b(.*)\\bnavigieren$"
        },
        {
            "command_type" : "navigate",
            "description" : "nach fahren",
            "command_regexp" : "^nach\\b(.*)\\bfahren$"
        },
        {
            "command_type" : "navigate",
            "description" : "zur fahren",
            "command_regexp" : "^zur\\b(.*)\\bfahren$"
        },
        {
            "command_type" : "navigate",
            "description" : "zu fahren",
            "command_regexp" : "^zu\\b(.*)\\bfahren$"
        },
        {
            "command_type" : "navigate",
            "description" : "wo ist",
            "command_regexp" : "^wo ist\\b(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "navigiere nach",
            "command_regexp" : "^navigiere nach\\b(.*)\\b$"
        },
        {
            "command_type" : "navigate",
            "description" : "navigiere zu",
            "command_regexp" : "^navigiere zu\\b(.*)\\b$"
        },
        {
            "command_type" : "navigate",
            "description" : "导航到",
            "command_regexp" : "^导航到(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "在哪",
            "command_regexp" : "^(.*)在哪$"
        },
        {
            "command_type" : "navigate",
            "description" : "开车到",
            "command_regexp" : "^开车到(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "导航去",
            "command_regexp" : "^导航去(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "導航去",
            "command_regexp" : "^導航去(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "導航到",
            "command_regexp" : "^導航到(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "帶我去",
            "command_regexp" : "^帶我去(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "帶我到",
            "command_regexp" : "^帶我到(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "去",
            "command_regexp" : "^去(.*)$"
        },
        {
            "command_type" : "navigate",
            "description" : "到",
            "command_regexp" : "^到(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "call",
            "command_regexp" : "^call\\b(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "dial",
            "command_regexp" : "^dial\\b(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "phone",
            "command_regexp" : "^phone\\b(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "appeler",
            "command_regexp" : "^appeler\\b(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "composer",
            "command_regexp" : "^composer\\b(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "wählen",
            "command_regexp" : "^(.*)\\bwählen$"
        },
        {
            "command_type" : "call",
            "description" : "anrufen",
            "command_regexp" : "^(.*)\\banrufen$"
        },
        {
            "command_type" : "call",
            "description" : "wähle",
            "command_regexp" : "^wählen\\b(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "ruf an",
            "command_regexp" : "^ruf\\b(.*)\\ban$"
        },
        {
            "command_type" : "call",
            "description" : "rufe an",
            "command_regexp" : "^rufe\\b(.*)\\ban$"
        },
        {
            "command_type" : "call",
            "description" : "打电话给",
            "command_regexp" : "^打电话给(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打电话给",
            "command_regexp" : "^给(.*)打电话$"
        },
        {
            "command_type" : "call",
            "description" : "拨打",
            "command_regexp" : "^拨打(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打给",
            "command_regexp" : "^打给(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打電話俾",
            "command_regexp" : "^打電話俾(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打俾",
            "command_regexp" : "^打俾(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打電話去",
            "command_regexp" : "^打電話去(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打去",
            "command_regexp" : "^打去(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打電話比",
            "command_regexp" : "^打電話比(.*)$"
        },
        {
            "command_type" : "call",
            "description" : "打比",
            "command_regexp" : "^打比(.*)$"
        },
        {
            "command_type" : "note",
            "description" : "note",
            "command_regexp" : "^note\\b(.*)$"
        },
        {
            "command_type" : "note",
            "description" : "report",
            "command_regexp" : "^report\\b(.*)$"
        },
        {
            "command_type" : "note",
            "description" : "bug note",
            "command_regexp" : "^bug note\\b(.*)$"
        },
        {
            "command_type" : "note",
            "description" : "bug report",
            "command_regexp" : "^bug report\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "play",
            "command_regexp" : "^play\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "plays",
            "command_regexp" : "^plays\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "listen to",
            "command_regexp" : "^listen to\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "listens to",
            "command_regexp" : "^listens to\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "listen 2",
            "command_regexp" : "^listen 2\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "listens 2",
            "command_regexp" : "^listens 2\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "écouter",
            "command_regexp" : "^écouter\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "jouer",
            "command_regexp" : "^jouer\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "spielen",
            "command_regexp" : "^(.*)\\bspielen$"
        },
        {
            "command_type" : "play",
            "description" : "hören",
            "command_regexp" : "^(.*)\\bhören$"
        },
        {
            "command_type" : "play",
            "description" : "abspielen",
            "command_regexp" : "^(.*)\\babspielen$"
        },
        {
            "command_type" : "play",
            "description" : "abhören",
            "command_regexp" : "^(.*)\\babhören$"
        },
        {
            "command_type" : "play",
            "description" : "spiele",
            "command_regexp" : "^spiele\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "spiel",
            "command_regexp" : "^spiel\\b(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "播放",
            "command_regexp" : "^播放(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "收听",
            "command_regexp" : "^收听(.*)$"
        },
        {
            "command_type" : "play",
            "description" : "我想聽",
            "command_regexp" : "^我想聽(.*)$"
        }
    ]
}

Whilst the #NLP engine working on this is quite good, and impressive, I am hopeful that there will be more options added. Elon did share that is something they are working on, and it might be part of the updated v9 release coming out in the next few weeks.

Generating Tesla authentication token – cURL script

I did write a simple Windows (desktop) app called TeslaTokenGenerator, for those who wanted to create authentication tokens for their Tesla, and use with 3rd party apps/data loggers. 

TeslaTokenGenerator can also create a cURL script for you to use, if you prefer not wanting to install anything. It is easy to find this online, but some of you have pinged me to get more details on this. So, I have the script below that you can use. Once you copy this, you will need to update your Tesla account login details (email and password) and run it in a console (command line) and it will all the same API’s to create the token, which then you can save.

curl -X POST -H "Cache-Control: no-cache" -H "Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW" -F "grant_type=password" -F "client_id=81527cff06843c8634fdc09e8ac0abefb46ac849f38fe1e431c2ef2106796384" -F "client_secret=c7257eb71a564034f9419ee651c7d0e5f7aa6bfbd18bafb5c5c033b093bb2fa3" -F "email=YOUR-TESLA-LOGIN-EMAIL@SOMEWHERE.COM" -F "password=YOUR-TESLA-ACCOUNT-PASSWORD" "https://owner-api.teslamotors.com/oauth/token"

You can see the screenshots of this below too – one in Windows, and another in Linux (well Bash on Windows, but it is real Linux).

My Tesla Model 3 “Keyfob”

Inspired by a few folks on a few forums online, I took the liberty to extend their idea using a IoT Button, that acts as a simple “keyfob” for the Model 3.

The main goal was being to allow my daughter to lock and unlock the car at home. She is too young to have a phone, and without a more traditional fob, this gets a little annoying. 

I extended the original idea, to understand the different presses (Single, Double, and Long press), and accordingly called the appropriate API to lock the car (single press – think of it as a single click), unlock on a double press, and open the charge port on a long press (when one presses and holds the button 2-3 secs).

Model 3 “Keyfob”

For those who aren’t aware, the Amazon IoT buttons calls a Lambda function on AWS and plugging into that, one can extend this. The button needs to be connected, and online for this to work, and in my case, it is on the home wifi network. 

Windows Tesla Auth Token Generator

If you have a Tesla, and are using (or wanting to use) 3rd party tools or data loggers, the one think they of course need is to authenticate your details with Tesla. A simple, but insecure way is to use your Tesla credentials – and surprisingly many people just happily share and use this.

I wasn’t comfortable doing this – after-all, they have access to your account where you can control a lot of things. Also, there are a few online tools that can generate the auth token, but again I wasn’t comfortable, as I did not know what they saved, or what they did not. 🙂

So, I wrote a simple Windows app that can allow you to generate a auth token that you can save. The application itself is simple. You enter your Tesla credentials, click on Generate Token and can save the generated token. 

Tesla Token Generator Application

To test, if the generated token is working – click on the Test Token button. If everything is working as expected, you will see a list of vehicles that is associated with your account.

If you prefer to use the cURL script, click on the Generate cURL, will generate this and copy it to your clipboard. And it works across operating systems as you can see below (Windows, and Linux), but should also work on Mac.

I do intent to open source this, so folks can have a look at the code, and the Tesla REST APIs. Until then you can download the setup from here.

Leave a comment if you have any issues or any requests.

Update: v1.0.1 Published with minor updates. You can download from the same link above. This adds the revoke screen and some house keeping.

Tesla Token Generator

Simple windows application that can general a Tesla authentication token – that you can use with other apps and sites. No need to share your Tesla login credentials.

This windows application can also use to generate the cURL script for you to use, if you prefer that. The cURL script can be used across most operating systems – Windows, Linux, and, Mac.

Update:

  • v 1.0.1 added – minor improvements, including the Revoke screen.