Obtaining Customer Authorization

Derapi Join

The approach to issuing vendor API credentials and enrolling end-customer devices varies between DER vendors. This section contains summarized instructions on how to get credentials for each vendor and associate customer-owned devices with your credentials. Each vendor is marked with whether end-customer enrollment is via OAuth or a custom authorization scheme.

Derapi recommends using Derapi Join for end-customer authorization. Join is the client-side component that your end-customer will use to authorize their DERs. Join allows you, the application developer, to embed a simple, intuitive UI in your customer experience to capture end-customer authorization.

Integrate Join with your website

To integrate Derapi Join into your website, follow the instructions below.

Add this script tag to your HTML:

<script src="https://raw.githubusercontent.com/derapi/derapi/main/join/derapi-join.js"></script>

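Join requires a Join session. A POST request to https://api.derapi.com/join/session/start returns a session_id. Once you have the session ID, pass it to the JS function derapi.createJoin() like this:

  // Import statements only work inside <script type="module">.
  import derapi from "https://raw.githubusercontent.com/derapi/derapi/main/join/derapi-join.js";
  // sessionToken is the session_id returned by POST /join/session/start.
  // sessionToken and derapiToken must be defined before createJoin() is called.
  // Called when the end-customer completes authorization.
  const onSuccess = () => {
      alert('success!');
  };
  // Called when the end-customer closes the Join UI.
  const onClose = () => {
      alert('closed');
  };
  const join = derapi.createJoin(sessionToken, onSuccess, onClose, derapiToken);
  join.open();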

Here is a sample .html file to help you get started.

Once the end-customer has authenticated and you receive the onSuccess() callback, call https://api.derapi.com/join/session/{session_id}/fetch-token to retrieve the public token that can be used to access the end-customer's system.
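The two HTTP calls in this flow, as an added example that is not Derapi's own code. The injected fetchImpl, the authHeaders parameter, the session-ID pattern and the use of GET for fetch-token are assumptions; the page does not state how these requests are authenticated, which method fetch-token expects, or what the response body contains.

```javascript
// Added example, not Derapi's code. The two endpoints are the ones named on this page.
const JOIN_BASE = "https://api.derapi.com/join/session";

// Constructed rule: accept only short URL-safe IDs before building a path from one.
const SESSION_ID_RE = /^[A-Za-z0-9_-]{1,128}$/;

// Build the fetch-token URL, refusing IDs that could alter the request path.
function fetchTokenUrl(sessionId) {
  if (typeof sessionId !== "string" || !SESSION_ID_RE.test(sessionId)) {
    throw new Error("refusing malformed session_id");
  }
  return `${JOIN_BASE}/${encodeURIComponent(sessionId)}/fetch-token`;
}

async function readJson(res, what) {
  if (!res.ok) throw new Error(`${what} failed with HTTP ${res.status}`);
  return res.json();
}

// fetchImpl: any fetch-compatible function (global fetch in Node 18+ or a browser).
// authHeaders: hypothetical parameter; the page does not say how calls are authenticated.
async function startJoinSession(fetchImpl, authHeaders = {}) {
  const res = await fetchImpl(`${JOIN_BASE}/start`, { method: "POST", headers: authHeaders });
  const body = await readJson(res, "session start");
  if (typeof body.session_id !== "string" || !SESSION_ID_RE.test(body.session_id)) {
    throw new Error("session start returned no usable session_id");
  }
  return body.session_id;
}

// Call only after Join's onSuccess callback has fired.
// Assumption: GET is used here; the page does not state the HTTP method.
async function fetchPublicToken(fetchImpl, sessionId, authHeaders = {}) {
  const res = await fetchImpl(fetchTokenUrl(sessionId), { method: "GET", headers: authHeaders });
  // The response schema is not given on the page, so the parsed body is returned as-is.
  return readJson(res, "fetch-token");
}
```

Treat the value returned by fetchPublicToken as a credential: keep it out of logs and URLs.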

Vendor Credentials

This section outlines per-vendor requirements to enroll customer devices.

Tesla

Requires an account to enroll customer devices. Create a Tesla API account by following these instructions.

Join will return an access_token and refresh_token. Tesla third-party refresh tokens expire after 3 months. Use the per-system access_token when making requests.

Solis

Solis does not require developers to create an account to enroll devices.

Solis uses a custom authorization system using API ID and Key for each Solis portal account. Join will return these credentials and they should be included in Derapi API requests.

SMA

SMA requires an account to enroll customers. To create an SMA API account, contact SMA and request credentials for the SMA Code Grant Flow.

Join will return an access_token and refresh_token. Use the per-system access_token when making requests.

SolarEdge

SolarEdge does not require developers to create an account to enroll devices.

SolarEdge uses a custom authorization system using an API Key. This key is retrieved from the SolarEdge Monitoring Portal. Join will return these credentials and they should be included in Derapi API requests.

Enphase Monitoring

Enphase requires an account to enroll customers and offers two options for enrolling and authorizing customer systems:

Installer / Partner account

Follow Enphase instructions to get an access_token and API Key. Use these credentials when making requests.

Developer account

Join will return an access_token and refresh_token. Use the per-system access_token and API Key when making requests. Please note that Enphase access tokens expire after 1 day and refresh tokens expire after 1 month.

Enphase Grid Services

Enphase Grid Services requires a distinct authorization from that of Enphase monitoring. Enphase Grid Services offers OAuth2 for enrolling customers. Upon request, Derapi will activate your Enphase Grid Services account and provide the required credentials.

Derapi Join is required to enroll customers for Enphase Grid Services. Derapi will provide Enphase Grid Service credentials for use with Join and making API calls.

Implement Your Own Customer Authorization

If you prefer to implement end-customer authorization yourself, continue reading this section.

Tesla

Tesla offers OAuth2 for enrolling customer systems for API access. Follow the Tesla Third Party Tokens instructions to set up OAuth for customers to authorize your application.

Be sure to request the following scopes: openid, energy_device_data, and offline_access. Tesla third-party refresh tokens expire after 3 months.


Solis

If you are using a single Solis portal account to make API requests, follow the instructions to add all your customer systems. This is referred to as "Add Plant" in the Solis documentation. Alternatively, you can collect API ID/Keys from your customers and use those to make API requests.


SMA

SMA offers OAuth2 for enrolling customer systems for API access. Follow the SMA Code Grant Flow instructions to set up OAuth for customers to authorize your application.

Derapi recommends using SMA’s offline_token option to acquire a refresh token that does not expire.


SolarEdge

If you are using a single SolarEdge monitoring portal account to make API requests, follow the instructions to add all your customer systems. This is referred to as "Add Inverter or Gateway" in the SolarEdge documentation. Alternatively, you can collect API Keys from your customers and use those to make API requests.


Enphase Monitoring

If you are an Application Developer, follow these steps to create a Developer Account and get an access token. Please note that Enphase access tokens expire after 1 day and refresh tokens expire after 1 month. Your application should refresh the refresh token before it expires to avoid having to ask customers to manually reauthorize.
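One way to track the token lifetimes stated on this page (Enphase: access 1 day, refresh 1 month; Tesla: refresh 3 months) so that tokens are refreshed before customers must reauthorize. This is an added example, not Derapi or vendor code. The record shape, the 80% refresh margin and the reading of "1 month" and "3 months" as 30 and 90 days are assumptions.

```javascript
// Added example, not Derapi or vendor code. Lifetimes are the ones stated on this page;
// "1 month" and "3 months" are taken as 30 and 90 days, which is an assumption.
const DAY_MS = 24 * 60 * 60 * 1000;
const LIFETIMES = {
  tesla:   { refreshMs: 90 * DAY_MS },                 // page gives no Tesla access-token lifetime
  enphase: { accessMs: 1 * DAY_MS, refreshMs: 30 * DAY_MS },
};

// record (constructed shape): { vendor, systemId, accessIssuedAt, refreshIssuedAt }, epoch ms.
// marginFraction: refresh once this share of a lifetime has elapsed (hypothetical policy knob).
function classifyToken(record, nowMs, marginFraction = 0.8) {
  const life = LIFETIMES[record.vendor];
  if (!life) return "unknown-vendor";
  // Fail safe: a record with no usable issue time is treated as expired.
  if (!Number.isFinite(record.refreshIssuedAt)) return "reauthorize";
  const refreshAge = nowMs - record.refreshIssuedAt;
  if (refreshAge >= life.refreshMs) return "reauthorize"; // customer must authorize again
  if (refreshAge >= life.refreshMs * marginFraction) return "refresh-now";
  if (life.accessMs !== undefined &&
      nowMs - record.accessIssuedAt >= life.accessMs * marginFraction) return "refresh-now";
  return "ok";
}

// Group system IDs by the action each stored token needs.
function planRefresh(records, nowMs) {
  const plan = { "reauthorize": [], "refresh-now": [], "ok": [], "unknown-vendor": [] };
  for (const r of records) plan[classifyToken(r, nowMs)].push(r.systemId);
  return plan;
}

// Constructed sample records; NOW is an arbitrary fixed clock for the example.
const NOW = 1000 * DAY_MS;
const SAMPLE = [
  { vendor: "enphase", systemId: "e1", accessIssuedAt: NOW - 0.5 * DAY_MS, refreshIssuedAt: NOW - 2 * DAY_MS },
  { vendor: "enphase", systemId: "e2", accessIssuedAt: NOW - 0.9 * DAY_MS, refreshIssuedAt: NOW - 2 * DAY_MS },
  { vendor: "enphase", systemId: "e3", accessIssuedAt: NOW - 0.1 * DAY_MS, refreshIssuedAt: NOW - 31 * DAY_MS },
  { vendor: "tesla",   systemId: "t1", refreshIssuedAt: NOW - 80 * DAY_MS },
  { vendor: "tesla",   systemId: "t2", refreshIssuedAt: NOW - 10 * DAY_MS },
];
```

Running planRefresh(SAMPLE, NOW) on a schedule shorter than the shortest lifetime keeps the "reauthorize" list empty in normal operation.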


Enphase Grid Services

Derapi Join is required to enroll customers for Enphase Grid Services.